merge upstream

Signed-off-by: wozulong <>
replace epay with stripe
2025-11-17 19:13:42 +08:00 · 2024-03-22 18:09:13 +08:00 · 2024-03-22 18:00:20 +08:00 · 2024-03-21 23:57:48 +08:00 · 2024-03-21 23:46:43 +08:00 · 2024-03-21 23:44:39 +08:00
57 changed files with 11832 additions and 499 deletions
--- a/12
+++ b/12
@@ -2,13 +2,14 @@ FROM node:16-slim as builder

 WORKDIR /build
 COPY web/package.json .
-RUN npm install
+COPY web/yarn.lock .
+RUN yarn install --network-timeout 1000000
 COPY ./web .
 COPY ./VERSION .
-RUN DISABLE_ESLINT_PLUGIN='true' REACT_APP_VERSION=$(cat VERSION) npm run build
+RUN DISABLE_ESLINT_PLUGIN='true' REACT_APP_VERSION=$(cat VERSION) yarn build

 FROM golang:1.19-alpine AS builder2
-RUN apk add build-base
+RUN apk add --no-cache build-base
 ENV GO111MODULE=on \
    CGO_ENABLED=1 \
    GOOS=linux
@@ -23,11 +24,6 @@ RUN go mod tidy \

 FROM alpine

-RUN apk update \
-    && apk upgrade \
-    && apk add --no-cache ca-certificates tzdata \
-    && update-ca-certificates 2>/dev/null || true
-
 COPY --from=builder2 /build/one-api /
 EXPOSE 3000
 WORKDIR /data
--- a/2
+++ b/2
@@ -7,7 +7,7 @@ all: build-frontend start-backend

 build-frontend:
 	@echo "Building frontend..."
-	@cd $(FRONTEND_DIR) && npm install && DISABLE_ESLINT_PLUGIN='true' REACT_APP_VERSION=$(cat VERSION) npm run build
+	@cd $(FRONTEND_DIR) && yarn install --network-timeout 1000000 && DISABLE_ESLINT_PLUGIN='true' REACT_APP_VERSION=$(cat VERSION) yarn build

 start-backend:
 	@echo "Starting backend dev server..."
--- a/common/constants.go
+++ b/common/constants.go
@@ -11,12 +11,12 @@ import (

 // Pay Settings

-var PayAddress = ""
-var CustomCallbackAddress = ""
-var EpayId = ""
-var EpayKey = ""
-var Price = 7.3
-var MinTopUp = 1
+var StripeApiSecret = ""
+var StripeWebhookSecret = ""
+var StripePriceId = ""
+var PaymentEnabled = false
+var StripeUnitPrice = 8.0
+var MinTopUp = 5

 var StartTime = time.Now().Unix() // unit: second
 var Version = "v0.0.0"            // this hard coding will be replaced automatically when building, no need to manually change
@@ -188,6 +188,12 @@ const (
 	ChannelStatusAutoDisabled     = 3
 )

+const (
+	TopUpStatusPending = "pending"
+	TopUpStatusSuccess = "success"
+	TopUpStatusExpired = "expired"
+)
+
 const (
 	ChannelTypeUnknown        = 0
 	ChannelTypeOpenAI         = 1
--- a/common/hash.go
+++ b/common/hash.go
@@ -0,0 +1,84 @@
+package common
+
+import (
+	"crypto/hmac"
+	"crypto/sha1"
+	"crypto/sha256"
+	"encoding/hex"
+	"math/rand"
+	"time"
+)
+
+func Sha256Raw(data string) []byte {
+	h := sha256.New()
+	h.Write([]byte(data))
+	return h.Sum(nil)
+}
+
+func Sha1Raw(data []byte) []byte {
+	h := sha1.New()
+	h.Write([]byte(data))
+	return h.Sum(nil)
+}
+
+func Sha1(data string) string {
+	return hex.EncodeToString(Sha1Raw([]byte(data)))
+}
+
+func HmacSha256Raw(message, key []byte) []byte {
+	h := hmac.New(sha256.New, key)
+	h.Write(message)
+	return h.Sum(nil)
+}
+
+func HmacSha256(message, key string) string {
+	return hex.EncodeToString(HmacSha256Raw([]byte(message), []byte(key)))
+}
+
+func RandomBytes(length int) []byte {
+	rand.Seed(time.Now().UnixNano())
+	b := make([]byte, length)
+	if _, err := rand.Read(b); err != nil {
+		panic(err)
+	}
+
+	return b
+}
+
+func RandomString(length int) string {
+	const chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
+	result := make([]byte, length)
+	randomBytes := RandomBytes(length)
+	for i := 0; i < length; i++ {
+		result[i] = chars[randomBytes[i]%byte(len(chars))]
+	}
+
+	return string(result)
+}
+
+func RandomHex(length int) string {
+	const chars = "abcdef0123456789"
+	result := make([]byte, length)
+	randomBytes := RandomBytes(length)
+	for i := 0; i < length; i++ {
+		result[i] = chars[randomBytes[i]%byte(len(chars))]
+	}
+
+	return string(result)
+}
+
+func RandomNumber(length int) string {
+	const chars = "0123456789"
+	result := make([]byte, length)
+	randomBytes := RandomBytes(length)
+	for i := 0; i < length; i++ {
+		result[i] = chars[randomBytes[i]%byte(len(chars))]
+	}
+
+	return string(result)
+}
+
+func RandomUUID() string {
+	all := RandomHex(32)
+	return all[:8] + "-" + all[8:12] + "-" + all[12:16] + "-" + all[16:20] + "-" + all[20:]
+}
--- a/common/logger.go
+++ b/common/logger.go
@@ -98,3 +98,11 @@ func LogQuota(quota int) string {
 		return fmt.Sprintf("%d 点额度", quota)
 	}
 }
+
+func LogQuotaF(quota float64) string {
+	if DisplayInCurrencyEnabled {
+		return fmt.Sprintf("＄%.6f 额度", quota/QuotaPerUnit)
+	} else {
+		return fmt.Sprintf("%d 点额度", int64(quota))
+	}
+}
--- a/common/str.go
+++ b/common/str.go
@@ -0,0 +1,50 @@
+package common
+
+func SundaySearch(text string, pattern string) bool {
+	// 计算偏移表
+	offset := make(map[rune]int)
+	for i, c := range pattern {
+		offset[c] = len(pattern) - i
+	}
+
+	// 文本串长度和模式串长度
+	n, m := len(text), len(pattern)
+
+	// 主循环，i表示当前对齐的文本串位置
+	for i := 0; i <= n-m; {
+		// 检查子串
+		j := 0
+		for j < m && text[i+j] == pattern[j] {
+			j++
+		}
+		// 如果完全匹配，返回匹配位置
+		if j == m {
+			return true
+		}
+
+		// 如果还有剩余字符，则检查下一位字符在偏移表中的值
+		if i+m < n {
+			next := rune(text[i+m])
+			if val, ok := offset[next]; ok {
+				i += val // 存在于偏移表中，进行跳跃
+			} else {
+				i += len(pattern) + 1 // 不存在于偏移表中，跳过整个模式串长度
+			}
+		} else {
+			break
+		}
+	}
+	return false // 如果没有找到匹配，返回-1
+}
+
+func RemoveDuplicate(s []string) []string {
+	result := make([]string, 0, len(s))
+	temp := map[string]struct{}{}
+	for _, item := range s {
+		if _, ok := temp[item]; !ok {
+			temp[item] = struct{}{}
+			result = append(result, item)
+		}
+	}
+	return result
+}
--- a/constant/sensitive.go
+++ b/constant/sensitive.go
@@ -0,0 +1,42 @@
+package constant
+
+import "strings"
+
+var CheckSensitiveEnabled = true
+var CheckSensitiveOnPromptEnabled = true
+var CheckSensitiveOnCompletionEnabled = true
+
+// StopOnSensitiveEnabled 如果检测到敏感词，是否立刻停止生成，否则替换敏感词
+var StopOnSensitiveEnabled = true
+
+// StreamCacheQueueLength 流模式缓存队列长度，0表示无缓存
+var StreamCacheQueueLength = 0
+
+// SensitiveWords 敏感词
+// var SensitiveWords []string
+var SensitiveWords = []string{
+	"test",
+}
+
+func SensitiveWordsToString() string {
+	return strings.Join(SensitiveWords, "\n")
+}
+
+func SensitiveWordsFromString(s string) {
+	SensitiveWords = []string{}
+	sw := strings.Split(s, "\n")
+	for _, w := range sw {
+		w = strings.TrimSpace(w)
+		if w != "" {
+			SensitiveWords = append(SensitiveWords, w)
+		}
+	}
+}
+
+func ShouldCheckPromptSensitive() bool {
+	return CheckSensitiveEnabled && CheckSensitiveOnPromptEnabled
+}
+
+func ShouldCheckCompletionSensitive() bool {
+	return CheckSensitiveEnabled && CheckSensitiveOnCompletionEnabled
+}
--- a/controller/channel-test.go
+++ b/controller/channel-test.go
@@ -87,7 +87,7 @@ func testChannel(channel *model.Channel, testModel string) (err error, openaiErr
 		err := relaycommon.RelayErrorHandler(resp)
 		return fmt.Errorf("status code %d: %s", resp.StatusCode, err.Error.Message), &err.Error
 	}
-	usage, respErr := adaptor.DoResponse(c, resp, meta)
+	usage, respErr, _ := adaptor.DoResponse(c, resp, meta)
 	if respErr != nil {
 		return fmt.Errorf("%s", respErr.Error.Message), &respErr.Error
 	}
--- a/controller/misc.go
+++ b/controller/misc.go
@@ -33,6 +33,7 @@ func GetStatus(c *gin.Context) {
 		"success": true,
 		"message": "",
 		"data": gin.H{
+			"version":                  common.Version,
 			"start_time":               common.StartTime,
 			"email_verification":       common.EmailVerificationEnabled,
 			"github_oauth":             common.GitHubOAuthEnabled,
@@ -47,7 +48,7 @@ func GetStatus(c *gin.Context) {
 			"wechat_qrcode":            common.WeChatAccountQRCodeImageURL,
 			"wechat_login":             common.WeChatAuthEnabled,
 			"server_address":           common.ServerAddress,
-			"price":                    common.Price,
+			"stripe_unit_price":        common.StripeUnitPrice,
 			"min_topup":                common.MinTopUp,
 			"turnstile_check":          common.TurnstileCheckEnabled,
 			"turnstile_site_key":       common.TurnstileSiteKey,
@@ -61,9 +62,8 @@ func GetStatus(c *gin.Context) {
 			"enable_data_export":       common.DataExportEnabled,
 			"data_export_default_time": common.DataExportDefaultTime,
 			"default_collapse_sidebar": common.DefaultCollapseSidebar,
-			"enable_online_topup":      common.PayAddress != "" && common.EpayId != "" && common.EpayKey != "",
+			"payment_enabled":          common.PaymentEnabled,
 			"mj_notify_enabled":        constant.MjNotifyEnabled,
-			"version":                  common.Version,
 		},
 	})
 	return
--- a/controller/stripe.go
+++ b/controller/stripe.go
@@ -0,0 +1,96 @@
+package controller
+
+import (
+	"github.com/gin-gonic/gin"
+	"github.com/stripe/stripe-go/v76"
+	"github.com/stripe/stripe-go/v76/webhook"
+	"io"
+	"log"
+	"net/http"
+	"one-api/common"
+	"one-api/model"
+	"strconv"
+	"strings"
+)
+
+func StripeWebhook(c *gin.Context) {
+	payload, err := io.ReadAll(c.Request.Body)
+	if err != nil {
+		log.Printf("解析Stripe Webhook参数失败: %v\n", err)
+		c.AbortWithStatus(http.StatusServiceUnavailable)
+		return
+	}
+
+	signature := c.GetHeader("Stripe-Signature")
+	endpointSecret := common.StripeWebhookSecret
+	event, err := webhook.ConstructEvent(payload, signature, endpointSecret)
+
+	if err != nil {
+		log.Printf("Stripe Webhook验签失败: %v\n", err)
+		c.AbortWithStatus(http.StatusBadRequest)
+		return
+	}
+
+	switch event.Type {
+	case stripe.EventTypeCheckoutSessionCompleted:
+		sessionCompleted(event)
+	case stripe.EventTypeCheckoutSessionExpired:
+		sessionExpired(event)
+	default:
+		log.Printf("不支持的Stripe Webhook事件类型: %s\n", event.Type)
+	}
+
+	c.Status(http.StatusOK)
+}
+
+func sessionCompleted(event stripe.Event) {
+	referenceId := event.GetObjectValue("client_reference_id")
+	status := event.GetObjectValue("status")
+	if "complete" != status {
+		log.Println("错误的Stripe Checkout完成状态:", status, ",", referenceId)
+		return
+	}
+
+	err := model.Recharge(referenceId)
+	if err != nil {
+		log.Println(err.Error(), referenceId)
+		return
+	}
+
+	total, _ := strconv.ParseFloat(event.GetObjectValue("amount_total"), 64)
+	currency := strings.ToUpper(event.GetObjectValue("currency"))
+	log.Printf("收到款项：%s, %.2f(%s)", referenceId, total/100, currency)
+}
+
+func sessionExpired(event stripe.Event) {
+	referenceId := event.GetObjectValue("client_reference_id")
+	status := event.GetObjectValue("status")
+	if "expired" != status {
+		log.Println("错误的Stripe Checkout过期状态:", status, ",", referenceId)
+		return
+	}
+
+	if "" == referenceId {
+		log.Println("未提供支付单号")
+		return
+	}
+
+	topUp := model.GetTopUpByTradeNo(referenceId)
+	if topUp == nil {
+		log.Println("充值订单不存在", referenceId)
+		return
+	}
+
+	if topUp.Status != common.TopUpStatusPending {
+		log.Println("充值订单状态错误", referenceId)
+	}
+
+	topUp.Status = common.TopUpStatusExpired
+	err := topUp.Update()
+	if err != nil {
+		log.Println("过期充值订单失败", referenceId, ", err:", err.Error())
+		return
+	}
+
+	log.Println("充值订单已过期", referenceId)
+}
--- a/controller/topup.go
+++ b/controller/topup.go
@@ -1,21 +1,20 @@
 package controller

+import "C"
 import (
 	"fmt"
 	"github.com/gin-gonic/gin"
-	"github.com/samber/lo"
-	epay "github.com/star-horizon/go-epay"
+	"github.com/stripe/stripe-go/v76"
+	"github.com/stripe/stripe-go/v76/checkout/session"
 	"log"
-	"net/url"
 	"one-api/common"
 	"one-api/model"
-	"one-api/service"
 	"strconv"
-	"sync"
+	"strings"
 	"time"
 )

-type EpayRequest struct {
+type PayRequest struct {
 	Amount        int    `json:"amount"`
 	PaymentMethod string `json:"payment_method"`
 	TopUpCode     string `json:"top_up_code"`
@@ -26,177 +25,103 @@ type AmountRequest struct {
 	TopUpCode string `json:"top_up_code"`
 }

-func GetEpayClient() *epay.Client {
-	if common.PayAddress == "" || common.EpayId == "" || common.EpayKey == "" {
-		return nil
+func genStripeLink(referenceId string, amount int64) (string, error) {
+	if !strings.HasPrefix(common.StripeApiSecret, "sk_") {
+		return "", fmt.Errorf("无效的Stripe API密钥")
 	}
-	withUrl, err := epay.NewClientWithUrl(&epay.Config{
-		PartnerID: common.EpayId,
-		Key:       common.EpayKey,
-	}, common.PayAddress)
+
+	stripe.Key = common.StripeApiSecret
+
+	params := &stripe.CheckoutSessionParams{
+		ClientReferenceID: stripe.String(referenceId),
+		SuccessURL:        stripe.String(common.ServerAddress + "/log"),
+		CancelURL:         stripe.String(common.ServerAddress + "/topup"),
+		LineItems: []*stripe.CheckoutSessionLineItemParams{
+			{
+				Price:    stripe.String(common.StripePriceId),
+				Quantity: stripe.Int64(amount),
+			},
+		},
+		Mode: stripe.String(string(stripe.CheckoutSessionModePayment)),
+	}
+	result, err := session.New(params)
 	if err != nil {
-		return nil
+		return "", err
 	}
-	return withUrl
+
+	return result.URL, nil
 }

-func GetAmount(count float64, user model.User) float64 {
-	// 别问为什么用float64，问就是这么点钱没必要
-	topupGroupRatio := common.GetTopupGroupRatio(user.Group)
-	if topupGroupRatio == 0 {
-		topupGroupRatio = 1
-	}
-	amount := count * common.Price * topupGroupRatio
-	return amount
+func GetPayAmount(count float64) float64 {
+	return count * common.StripeUnitPrice
 }

-func RequestEpay(c *gin.Context) {
-	var req EpayRequest
+func GetChargedAmount(count float64, user model.User) float64 {
+	topUpGroupRatio := common.GetTopupGroupRatio(user.Group)
+	if topUpGroupRatio == 0 {
+		topUpGroupRatio = 1
+	}
+
+	return count * topUpGroupRatio
+}
+
+func RequestPayLink(c *gin.Context) {
+	var req PayRequest
 	err := c.ShouldBindJSON(&req)
 	if err != nil {
 		c.JSON(200, gin.H{"message": err.Error(), "data": 10})
 		return
 	}
+	if !common.PaymentEnabled {
+		c.JSON(200, gin.H{"message": "error", "data": "管理员未开启在线支付"})
+		return
+	}
+	if req.PaymentMethod != "stripe" {
+		c.JSON(200, gin.H{"message": "error", "data": "不支持的支付渠道"})
+		return
+	}
 	if req.Amount < common.MinTopUp {
 		c.JSON(200, gin.H{"message": fmt.Sprintf("充值数量不能小于 %d", common.MinTopUp), "data": 10})
 		return
 	}
+	if req.Amount > 10000 {
+		c.JSON(200, gin.H{"message": "充值数量不能大于 10000", "data": 10})
+		return
+	}

 	id := c.GetInt("id")
 	user, _ := model.GetUserById(id, false)
-	payMoney := GetAmount(float64(req.Amount), *user)
+	chargedMoney := GetChargedAmount(float64(req.Amount), *user)

-	var payType epay.PurchaseType
-	if req.PaymentMethod == "zfb" {
-		payType = epay.Alipay
-	}
-	if req.PaymentMethod == "wx" {
-		req.PaymentMethod = "wxpay"
-		payType = epay.WechatPay
-	}
-	callBackAddress := service.GetCallbackAddress()
-	returnUrl, _ := url.Parse(common.ServerAddress + "/log")
-	notifyUrl, _ := url.Parse(callBackAddress + "/api/user/epay/notify")
-	tradeNo := strconv.FormatInt(time.Now().Unix(), 10)
-	client := GetEpayClient()
-	if client == nil {
-		c.JSON(200, gin.H{"message": "error", "data": "当前管理员未配置支付信息"})
-		return
-	}
-	uri, params, err := client.Purchase(&epay.PurchaseArgs{
-		Type:           payType,
-		ServiceTradeNo: "A" + tradeNo,
-		Name:           "B" + tradeNo,
-		Money:          strconv.FormatFloat(payMoney, 'f', 2, 64),
-		Device:         epay.PC,
-		NotifyUrl:      notifyUrl,
-		ReturnUrl:      returnUrl,
-	})
+	reference := fmt.Sprintf("new-api-ref-%d-%d-%s", user.Id, time.Now().UnixMilli(), common.RandomString(4))
+	referenceId := "ref_" + common.Sha1(reference)
+
+	payLink, err := genStripeLink(referenceId, int64(req.Amount))
 	if err != nil {
+		log.Println("获取Stripe Checkout支付链接失败", err)
 		c.JSON(200, gin.H{"message": "error", "data": "拉起支付失败"})
 		return
 	}
+
 	topUp := &model.TopUp{
 		UserId:     id,
 		Amount:     req.Amount,
-		Money:      payMoney,
-		TradeNo:    "A" + tradeNo,
+		Money:      chargedMoney,
+		TradeNo:    referenceId,
 		CreateTime: time.Now().Unix(),
-		Status:     "pending",
+		Status:     common.TopUpStatusPending,
 	}
 	err = topUp.Insert()
 	if err != nil {
 		c.JSON(200, gin.H{"message": "error", "data": "创建订单失败"})
 		return
 	}
-	c.JSON(200, gin.H{"message": "success", "data": params, "url": uri})
-}
-
-// tradeNo lock
-var orderLocks sync.Map
-var createLock sync.Mutex
-
-// LockOrder 尝试对给定订单号加锁
-func LockOrder(tradeNo string) {
-	lock, ok := orderLocks.Load(tradeNo)
-	if !ok {
-		createLock.Lock()
-		defer createLock.Unlock()
-		lock, ok = orderLocks.Load(tradeNo)
-		if !ok {
-			lock = new(sync.Mutex)
-			orderLocks.Store(tradeNo, lock)
-		}
-	}
-	lock.(*sync.Mutex).Lock()
-}
-
-// UnlockOrder 释放给定订单号的锁
-func UnlockOrder(tradeNo string) {
-	lock, ok := orderLocks.Load(tradeNo)
-	if ok {
-		lock.(*sync.Mutex).Unlock()
-	}
-}
-
-func EpayNotify(c *gin.Context) {
-	params := lo.Reduce(lo.Keys(c.Request.URL.Query()), func(r map[string]string, t string, i int) map[string]string {
-		r[t] = c.Request.URL.Query().Get(t)
-		return r
-	}, map[string]string{})
-	client := GetEpayClient()
-	if client == nil {
-		log.Println("易支付回调失败 未找到配置信息")
-		_, err := c.Writer.Write([]byte("fail"))
-		if err != nil {
-			log.Println("易支付回调写入失败")
-			return
-		}
-	}
-	verifyInfo, err := client.Verify(params)
-	if err == nil && verifyInfo.VerifyStatus {
-		_, err := c.Writer.Write([]byte("success"))
-		if err != nil {
-			log.Println("易支付回调写入失败")
-		}
-	} else {
-		_, err := c.Writer.Write([]byte("fail"))
-		if err != nil {
-			log.Println("易支付回调写入失败")
-		}
-		log.Println("易支付回调签名验证失败")
-		return
-	}
-
-	if verifyInfo.TradeStatus == epay.StatusTradeSuccess {
-		log.Println(verifyInfo)
-		LockOrder(verifyInfo.ServiceTradeNo)
-		defer UnlockOrder(verifyInfo.ServiceTradeNo)
-		topUp := model.GetTopUpByTradeNo(verifyInfo.ServiceTradeNo)
-		if topUp == nil {
-			log.Printf("易支付回调未找到订单: %v", verifyInfo)
-			return
-		}
-		if topUp.Status == "pending" {
-			topUp.Status = "success"
-			err := topUp.Update()
-			if err != nil {
-				log.Printf("易支付回调更新订单失败: %v", topUp)
-				return
-			}
-			//user, _ := model.GetUserById(topUp.UserId, false)
-			//user.Quota += topUp.Amount * 500000
-			err = model.IncreaseUserQuota(topUp.UserId, topUp.Amount*500000)
-			if err != nil {
-				log.Printf("易支付回调更新用户失败: %v", topUp)
-				return
-			}
-			log.Printf("易支付回调更新用户成功 %v", topUp)
-			model.RecordLog(topUp.UserId, model.LogTypeTopup, fmt.Sprintf("使用在线充值成功，充值金额: %v，支付金额：%f", common.LogQuota(topUp.Amount*500000), topUp.Money))
-		}
-	} else {
-		log.Printf("易支付异常回调: %v", verifyInfo)
-	}
+	c.JSON(200, gin.H{
+		"message": "success",
+		"data": gin.H{
+			"payLink": payLink,
+		},
+	})
 }

 func RequestAmount(c *gin.Context) {
@@ -206,12 +131,23 @@ func RequestAmount(c *gin.Context) {
 		c.JSON(200, gin.H{"message": "error", "data": "参数错误"})
 		return
 	}
+	if !common.PaymentEnabled {
+		c.JSON(200, gin.H{"message": "error", "data": "管理员未开启在线支付"})
+		return
+	}
 	if req.Amount < common.MinTopUp {
 		c.JSON(200, gin.H{"message": "error", "data": fmt.Sprintf("充值数量不能小于 %d", common.MinTopUp)})
 		return
 	}
 	id := c.GetInt("id")
 	user, _ := model.GetUserById(id, false)
-	payMoney := GetAmount(float64(req.Amount), *user)
-	c.JSON(200, gin.H{"message": "success", "data": strconv.FormatFloat(payMoney, 'f', 2, 64)})
+	payMoney := GetPayAmount(float64(req.Amount))
+	chargedMoney := GetChargedAmount(float64(req.Amount), *user)
+	c.JSON(200, gin.H{
+		"message": "success",
+		"data": gin.H{
+			"payAmount":     strconv.FormatFloat(payMoney, 'f', 2, 64),
+			"chargedAmount": strconv.FormatFloat(chargedMoney, 'f', 2, 64),
+		},
+	})
 }
--- a/controller/user.go
+++ b/controller/user.go
@@ -516,7 +516,7 @@ func UpdateSelf(c *gin.Context) {
 	return
 }

-func DeleteUser(c *gin.Context) {
+func HardDeleteUser(c *gin.Context) {
 	id, err := strconv.Atoi(c.Param("id"))
 	if err != nil {
 		c.JSON(http.StatusOK, gin.H{
@@ -525,7 +525,7 @@ func DeleteUser(c *gin.Context) {
 		})
 		return
 	}
-	originUser, err := model.GetUserById(id, false)
+	originUser, err := model.GetUserByIdUnscoped(id, false)
 	if err != nil {
 		c.JSON(http.StatusOK, gin.H{
 			"success": false,
@@ -549,6 +549,12 @@ func DeleteUser(c *gin.Context) {
 		})
 		return
 	}
+
+	c.JSON(http.StatusOK, gin.H{
+		"success": true,
+		"message": "",
+	})
+	return
 }

 func DeleteSelf(c *gin.Context) {
--- a/dto/sensitive.go
+++ b/dto/sensitive.go
@@ -0,0 +1,6 @@
+package dto
+
+type SensitiveResponse struct {
+	SensitiveWords []string `json:"sensitive_words"`
+	Content        string   `json:"content"`
+}
--- a/dto/text_response.go
+++ b/dto/text_response.go
@@ -1,11 +1,25 @@
 package dto

-type TextResponse struct {
-	Choices []OpenAITextResponseChoice `json:"choices"`
+type TextResponseWithError struct {
+	Id      string                        `json:"id"`
+	Object  string                        `json:"object"`
+	Created int64                         `json:"created"`
+	Choices []OpenAITextResponseChoice    `json:"choices"`
+	Data    []OpenAIEmbeddingResponseItem `json:"data"`
+	Model   string                        `json:"model"`
 	Usage   `json:"usage"`
 	Error   OpenAIError `json:"error"`
 }

+type TextResponse struct {
+	Id      string                     `json:"id"`
+	Object  string                     `json:"object"`
+	Created int64                      `json:"created"`
+	Model   string                     `json:"model"`
+	Choices []OpenAITextResponseChoice `json:"choices"`
+	Usage   `json:"usage"`
+}
+
 type OpenAITextResponseChoice struct {
 	Index        int `json:"index"`
 	Message      `json:"message"`
--- a/go.mod
+++ b/go.mod
@@ -4,6 +4,7 @@ module one-api
 go 1.18

 require (
+	github.com/anknown/ahocorasick v0.0.0-20190904063843-d75dbd5169c0
 	github.com/gin-contrib/cors v1.4.0
 	github.com/gin-contrib/gzip v0.0.6
 	github.com/gin-contrib/sessions v0.0.5
@@ -27,6 +28,7 @@ require (
 )

 require (
+	github.com/anknown/darts v0.0.0-20151216065714-83ff685239e6 // indirect
 	github.com/bytedance/sonic v1.9.1 // indirect
 	github.com/cespare/xxhash/v2 v2.1.2 // indirect
 	github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311 // indirect
@@ -57,6 +59,7 @@ require (
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/pelletier/go-toml/v2 v2.0.8 // indirect
+	github.com/stripe/stripe-go/v76 v76.21.0 // indirect
 	github.com/tklauser/go-sysconf v0.3.12 // indirect
 	github.com/tklauser/numcpus v0.6.1 // indirect
 	github.com/twitchyliquid64/golang-asm v0.15.1 // indirect
--- a/go.sum
+++ b/go.sum
@@ -1,3 +1,7 @@
+github.com/anknown/ahocorasick v0.0.0-20190904063843-d75dbd5169c0 h1:onfun1RA+KcxaMk1lfrRnwCd1UUuOjJM/lri5eM1qMs=
+github.com/anknown/ahocorasick v0.0.0-20190904063843-d75dbd5169c0/go.mod h1:4yg+jNTYlDEzBjhGS96v+zjyA3lfXlFd5CiTLIkPBLI=
+github.com/anknown/darts v0.0.0-20151216065714-83ff685239e6 h1:HblK3eJHq54yET63qPCTJnks3loDse5xRmmqHgHzwoI=
+github.com/anknown/darts v0.0.0-20151216065714-83ff685239e6/go.mod h1:pbiaLIeYLUbgMY1kwEAdwO6UKD5ZNwdPGQlwokS9fe8=
 github.com/bytedance/sonic v1.5.0/go.mod h1:ED5hyg4y6t3/9Ku1R6dU/4KyJ48DZ4jPhfY1O2AihPM=
 github.com/bytedance/sonic v1.9.1 h1:6iJ6NqdoxCDr6mbY8h18oSO+cShGSMRGCEo7F2h0x8s=
 github.com/bytedance/sonic v1.9.1/go.mod h1:i736AoUSYt75HyZLoJW9ERYxcy6eaN6h4BZXU064P/U=
@@ -15,8 +19,6 @@ github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f/go.mod h1:cu
 github.com/dlclark/regexp2 v1.10.0 h1:+/GIL799phkJqYW+3YbOd8LCcbHzT0Pbo8zl70MHsq0=
 github.com/dlclark/regexp2 v1.10.0/go.mod h1:DHkYz0B9wPfa6wondMfaivmHpzrQ3v9q8cnmRbL6yW8=
 github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4=
-github.com/gabriel-vasile/mimetype v1.4.2 h1:w5qFW6JKBz9Y393Y4q372O9A7cUSequkh1Q7OhCmWKU=
-github.com/gabriel-vasile/mimetype v1.4.2/go.mod h1:zApsH/mKG4w07erKIaJPFiX0Tsq9BFQgN3qGY5GnNgA=
 github.com/gabriel-vasile/mimetype v1.4.3 h1:in2uUcidCuFcDKtdcBxlR0rJ1+fsokWf+uqxgUFjbI0=
 github.com/gabriel-vasile/mimetype v1.4.3/go.mod h1:d8uq/6HKRL6CGdk+aubisF/M5GcPfT7nKyLpA0lbSSk=
 github.com/gin-contrib/cors v1.4.0 h1:oJ6gwtUl3lqV0WEIwM/LxPF1QZ5qe2lGWdY2+bz7y0g=
@@ -37,7 +39,6 @@ github.com/go-ole/go-ole v1.2.6 h1:/Fpf6oFPoeFik9ty7siob0G6Ke8QvQEuVcuChpwXzpY=
 github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0=
 github.com/go-playground/assert/v2 v2.0.1/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4=
 github.com/go-playground/assert/v2 v2.2.0 h1:JvknZsQTYeFEAhQwI4qEt9cyV5ONwRHC+lYKSsYSR8s=
-github.com/go-playground/assert/v2 v2.2.0/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4=
 github.com/go-playground/locales v0.13.0/go.mod h1:taPMhCMXrRLJO55olJkUXHZBHCxTMfnGwq/HNwmWNS8=
 github.com/go-playground/locales v0.14.0/go.mod h1:sawfccIbzZTqEDETgFXqTho0QybSa7l++s0DH+LDiLs=
 github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/oXslEjJA=
@@ -48,8 +49,6 @@ github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJn
 github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY=
 github.com/go-playground/validator/v10 v10.2.0/go.mod h1:uOYAAleCW8F/7oMFd6aG0GOhaH6EGOAJShg8Id5JGkI=
 github.com/go-playground/validator/v10 v10.10.0/go.mod h1:74x4gJWsvQexRdW8Pn3dXSGrTK4nAUsbPlLADvpJkos=
-github.com/go-playground/validator/v10 v10.16.0 h1:x+plE831WK4vaKHO/jpgUGsvLKIqRRkz6M78GuJAfGE=
-github.com/go-playground/validator/v10 v10.16.0/go.mod h1:9iXMNT7sEkjXb0I+enO7QXmzG6QCsPWY4zveKFVRSyU=
 github.com/go-playground/validator/v10 v10.19.0 h1:ol+5Fu+cSq9JD7SoSqe04GMI92cbn0+wvQ3bZ8b/AU4=
 github.com/go-playground/validator/v10 v10.19.0/go.mod h1:dbuPbCMFw/DrkbEynArYaCwl3amGuJotoKCe95atGMM=
 github.com/go-redis/redis/v8 v8.11.5 h1:AcZZR7igkdvfVmQTPnu9WE37LRrO/YrBH5zWyjDC0oI=
@@ -105,8 +104,6 @@ github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
 github.com/leodido/go-urn v1.2.0/go.mod h1:+8+nEpDfqqsY+g338gtMEUOtuK+4dEMhiQEgxpxOKII=
 github.com/leodido/go-urn v1.2.1/go.mod h1:zt4jvISO2HfUBqxjfIshjdMTYS56ZS/qv49ictyFfxY=
-github.com/leodido/go-urn v1.2.4 h1:XlAE/cm/ms7TE/VMVoduSpNBoyc2dOxHs5MZSwAN63Q=
-github.com/leodido/go-urn v1.2.4/go.mod h1:7ZrI8mTSeBSHl/UaRyKQW1qZeMgak41ANeCNaVckg+4=
 github.com/leodido/go-urn v1.4.0 h1:WT9HwE9SGECu3lg4d/dIA+jxlljEa1/ffXKmRjqdmIQ=
 github.com/leodido/go-urn v1.4.0/go.mod h1:bvxc+MVxLKB4z00jd1z+Dvzr47oO32F/QSNjSBOlFxI=
 github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU=
@@ -154,9 +151,10 @@ github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/
 github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
 github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
-github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
-github.com/stretchr/testify v1.8.3 h1:RP3t2pwF7cMEbC1dqtB6poj3niw/9gnV4Cjg5oW5gtY=
 github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
+github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
+github.com/stripe/stripe-go/v76 v76.21.0 h1:O3GHImHS4oUI3qWMOClHN3zAQF5/oswS/NB7leV1fsU=
+github.com/stripe/stripe-go/v76 v76.21.0/go.mod h1:rw1MxjlAKKcZ+3FOXgTHgwiOa2ya6CPq6ykpJ0Q6Po4=
 github.com/tklauser/go-sysconf v0.3.12 h1:0QaGUFOdQaIVdPgfITYzaTegZvdCjmYO52cSFAEVmqU=
 github.com/tklauser/go-sysconf v0.3.12/go.mod h1:Ho14jnntGE1fpdOqQEEaiKRpvIavV0hSfmBq8nJbHYI=
 github.com/tklauser/numcpus v0.6.1 h1:ng9scYS7az0Bk4OZLvrNXNSAO2Pxr1XXRAPyjhIx+Fk=
@@ -175,8 +173,6 @@ golang.org/x/arch v0.0.0-20210923205945-b76863e36670/go.mod h1:5om86z9Hs0C8fWVUu
 golang.org/x/arch v0.3.0 h1:02VY4/ZcO/gBOH6PUaoiptASxtXU10jazRCP865E97k=
 golang.org/x/arch v0.3.0/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8=
 golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
-golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k=
-golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
 golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA=
 golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs=
 golang.org/x/exp v0.0.0-20220303212507-bbda1eaf7a17 h1:3MTrJm4PyNL9NBqvYDSj3DHl46qQakyfqfWo4jgfaEM=
@@ -184,8 +180,7 @@ golang.org/x/exp v0.0.0-20220303212507-bbda1eaf7a17/go.mod h1:lgLbSvA5ygNOMpwM/9
 golang.org/x/image v0.15.0 h1:kOELfmgrmJlw4Cdb7g/QGuB3CvDrXbqEIww/pNtNBm8=
 golang.org/x/image v0.15.0/go.mod h1:HUYqC05R2ZcZ3ejNQsIHQDQiwWM4JBqmm6MKANTp4LE=
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
-golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM=
-golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE=
+golang.org/x/net v0.0.0-20210520170846-37e1c6afe023/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.21.0 h1:AQyQV4dYCvJ7vGmJyKki9+PBdyvhkSd8EIx/qb0AYv4=
 golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
 golang.org/x/sync v0.1.0 h1:wsuoTGHzEhffawBOhz5CYhcrV4IdKZbEyZjBMuTp12o=
@@ -193,6 +188,7 @@ golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210806184541-e5e7981a1069/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
@@ -200,8 +196,6 @@ golang.org/x/sys v0.0.0-20220704084225-05e143d24a9e/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=
-golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4=
 golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
--- a/model/main.go
+++ b/model/main.go
@@ -94,7 +94,10 @@ func InitDB() (err error) {
 			return nil
 		}
 		if common.UsingMySQL {
-			_, _ = sqlDB.Exec("DROP INDEX idx_channels_key ON channels;") // TODO: delete this line when most users have upgraded
+			_, _ = sqlDB.Exec("DROP INDEX idx_channels_key ON channels;")             // TODO: delete this line when most users have upgraded
+			_, _ = sqlDB.Exec("ALTER TABLE midjourneys MODIFY action VARCHAR(40);")   // TODO: delete this line when most users have upgraded
+			_, _ = sqlDB.Exec("ALTER TABLE midjourneys MODIFY progress VARCHAR(30);") // TODO: delete this line when most users have upgraded
+			_, _ = sqlDB.Exec("ALTER TABLE midjourneys MODIFY status VARCHAR(20);")   // TODO: delete this line when most users have upgraded
 		}
 		common.SysLog("database migration started")
 		err = db.AutoMigrate(&Channel{})
--- a/model/option.go
+++ b/model/option.go
@@ -58,11 +58,11 @@ func InitOptionMap() {
 	common.OptionMap["SystemName"] = common.SystemName
 	common.OptionMap["Logo"] = common.Logo
 	common.OptionMap["ServerAddress"] = ""
-	common.OptionMap["PayAddress"] = ""
-	common.OptionMap["CustomCallbackAddress"] = ""
-	common.OptionMap["EpayId"] = ""
-	common.OptionMap["EpayKey"] = ""
-	common.OptionMap["Price"] = strconv.FormatFloat(common.Price, 'f', -1, 64)
+	common.OptionMap["StripeApiSecret"] = common.StripeApiSecret
+	common.OptionMap["StripeWebhookSecret"] = common.StripeWebhookSecret
+	common.OptionMap["StripePriceId"] = common.StripePriceId
+	common.OptionMap["PaymentEnabled"] = strconv.FormatBool(common.PaymentEnabled)
+	common.OptionMap["StripeUnitPrice"] = strconv.FormatFloat(common.StripeUnitPrice, 'f', -1, 64)
 	common.OptionMap["MinTopUp"] = strconv.Itoa(common.MinTopUp)
 	common.OptionMap["TopupGroupRatio"] = common.TopupGroupRatio2JSONString()
 	common.OptionMap["GitHubClientId"] = ""
@@ -94,6 +94,12 @@ func InitOptionMap() {
 	common.OptionMap["DataExportDefaultTime"] = common.DataExportDefaultTime
 	common.OptionMap["DefaultCollapseSidebar"] = strconv.FormatBool(common.DefaultCollapseSidebar)
 	common.OptionMap["MjNotifyEnabled"] = strconv.FormatBool(constant.MjNotifyEnabled)
+	common.OptionMap["CheckSensitiveEnabled"] = strconv.FormatBool(constant.CheckSensitiveEnabled)
+	common.OptionMap["CheckSensitiveOnPromptEnabled"] = strconv.FormatBool(constant.CheckSensitiveOnPromptEnabled)
+	common.OptionMap["CheckSensitiveOnCompletionEnabled"] = strconv.FormatBool(constant.CheckSensitiveOnCompletionEnabled)
+	common.OptionMap["StopOnSensitiveEnabled"] = strconv.FormatBool(constant.StopOnSensitiveEnabled)
+	common.OptionMap["SensitiveWords"] = constant.SensitiveWordsToString()
+	common.OptionMap["StreamCacheQueueLength"] = strconv.Itoa(constant.StreamCacheQueueLength)

 	common.OptionMapRWMutex.Unlock()
 	loadOptionsFromDatabase()
@@ -191,6 +197,14 @@ func updateOptionMap(key string, value string) (err error) {
 			common.DefaultCollapseSidebar = boolValue
 		case "MjNotifyEnabled":
 			constant.MjNotifyEnabled = boolValue
+		case "CheckSensitiveEnabled":
+			constant.CheckSensitiveEnabled = boolValue
+		case "CheckSensitiveOnPromptEnabled":
+			constant.CheckSensitiveOnPromptEnabled = boolValue
+		case "CheckSensitiveOnCompletionEnabled":
+			constant.CheckSensitiveOnCompletionEnabled = boolValue
+		case "StopOnSensitiveEnabled":
+			constant.StopOnSensitiveEnabled = boolValue
 		}
 	}
 	switch key {
@@ -209,16 +223,16 @@ func updateOptionMap(key string, value string) (err error) {
 		common.SMTPToken = value
 	case "ServerAddress":
 		common.ServerAddress = value
-	case "PayAddress":
-		common.PayAddress = value
-	case "CustomCallbackAddress":
-		common.CustomCallbackAddress = value
-	case "EpayId":
-		common.EpayId = value
-	case "EpayKey":
-		common.EpayKey = value
-	case "Price":
-		common.Price, _ = strconv.ParseFloat(value, 64)
+	case "StripeApiSecret":
+		common.StripeApiSecret = value
+	case "StripeWebhookSecret":
+		common.StripeWebhookSecret = value
+	case "StripePriceId":
+		common.StripePriceId = value
+	case "PaymentEnabled":
+		common.PaymentEnabled, _ = strconv.ParseBool(value)
+	case "StripeUnitPrice":
+		common.StripeUnitPrice, _ = strconv.ParseFloat(value, 64)
 	case "MinTopUp":
 		common.MinTopUp, _ = strconv.Atoi(value)
 	case "TopupGroupRatio":
@@ -285,6 +299,10 @@ func updateOptionMap(key string, value string) (err error) {
 		common.ChannelDisableThreshold, _ = strconv.ParseFloat(value, 64)
 	case "QuotaPerUnit":
 		common.QuotaPerUnit, _ = strconv.ParseFloat(value, 64)
+	case "SensitiveWords":
+		constant.SensitiveWordsFromString(value)
+	case "StreamCacheQueueLength":
+		constant.StreamCacheQueueLength, _ = strconv.Atoi(value)
 	}
 	return err
 }
--- a/model/topup.go
+++ b/model/topup.go
@@ -1,13 +1,21 @@
 package model

+import (
+	"errors"
+	"fmt"
+	"gorm.io/gorm"
+	"one-api/common"
+)
+
 type TopUp struct {
-	Id         int     `json:"id"`
-	UserId     int     `json:"user_id" gorm:"index"`
-	Amount     int     `json:"amount"`
-	Money      float64 `json:"money"`
-	TradeNo    string  `json:"trade_no"`
-	CreateTime int64   `json:"create_time"`
-	Status     string  `json:"status"`
+	Id           int     `json:"id"`
+	UserId       int     `json:"user_id" gorm:"index"`
+	Amount       int     `json:"amount"`
+	Money        float64 `json:"money"`
+	TradeNo      string  `json:"trade_no" gorm:"unique"`
+	CreateTime   int64   `json:"create_time"`
+	CompleteTime int64   `json:"complete_time"`
+	Status       string  `json:"status"`
 }

 func (topUp *TopUp) Insert() error {
@@ -41,3 +49,51 @@ func GetTopUpByTradeNo(tradeNo string) *TopUp {
 	}
 	return topUp
 }
+
+func Recharge(referenceId string) (err error) {
+	if referenceId == "" {
+		return errors.New("未提供支付单号")
+	}
+
+	var quota float64
+	topUp := &TopUp{}
+
+	refCol := "`trade_no`"
+	if common.UsingPostgreSQL {
+		refCol = `"trade_no"`
+	}
+
+	err = DB.Transaction(func(tx *gorm.DB) error {
+		err := tx.Set("gorm:query_option", "FOR UPDATE").Where(refCol+" = ?", referenceId).First(topUp).Error
+		if err != nil {
+			return errors.New("充值订单不存在")
+		}
+
+		if topUp.Status != common.TopUpStatusPending {
+			return errors.New("充值订单状态错误")
+		}
+
+		topUp.CompleteTime = common.GetTimestamp()
+		topUp.Status = common.TopUpStatusSuccess
+		err = tx.Save(topUp).Error
+		if err != nil {
+			return err
+		}
+
+		quota = topUp.Money * common.QuotaPerUnit
+		err = tx.Model(&User{}).Where("id = ?", topUp.UserId).Update("quota", gorm.Expr("quota + ?", quota)).Error
+		if err != nil {
+			return err
+		}
+
+		return nil
+	})
+
+	if err != nil {
+		return errors.New("充值失败，" + err.Error())
+	}
+
+	RecordLog(topUp.UserId, LogTypeTopup, fmt.Sprintf("使用在线充值成功，充值金额: %v，支付金额：%d", common.LogQuotaF(quota), topUp.Amount))
+
+	return nil
+}
--- a/model/user.go
+++ b/model/user.go
@@ -65,7 +65,7 @@ func CheckUserExistOrDeleted(username string, email string) (bool, error) {

 func GetMaxUserId() int {
 	var user User
-	DB.Last(&user)
+	DB.Unscoped().Last(&user)
 	return user.Id
 }

@@ -93,6 +93,20 @@ func GetUserById(id int, selectAll bool) (*User, error) {
 	return &user, err
 }

+func GetUserByIdUnscoped(id int, selectAll bool) (*User, error) {
+	if id == 0 {
+		return nil, errors.New("id 为空！")
+	}
+	user := User{Id: id}
+	var err error = nil
+	if selectAll {
+		err = DB.Unscoped().First(&user, "id = ?", id).Error
+	} else {
+		err = DB.Unscoped().Omit("password").First(&user, "id = ?", id).Error
+	}
+	return &user, err
+}
+
 func GetUserIdByAffCode(affCode string) (int, error) {
 	if affCode == "" {
 		return 0, errors.New("affCode 为空！")
--- a/relay/channel/adapter.go
+++ b/relay/channel/adapter.go
@@ -15,7 +15,7 @@ type Adaptor interface {
 	SetupRequestHeader(c *gin.Context, req *http.Request, info *relaycommon.RelayInfo) error
 	ConvertRequest(c *gin.Context, relayMode int, request *dto.GeneralOpenAIRequest) (any, error)
 	DoRequest(c *gin.Context, info *relaycommon.RelayInfo, requestBody io.Reader) (*http.Response, error)
-	DoResponse(c *gin.Context, resp *http.Response, info *relaycommon.RelayInfo) (usage *dto.Usage, err *dto.OpenAIErrorWithStatusCode)
+	DoResponse(c *gin.Context, resp *http.Response, info *relaycommon.RelayInfo) (usage *dto.Usage, err *dto.OpenAIErrorWithStatusCode, sensitiveResp *dto.SensitiveResponse)
 	GetModelList() []string
 	GetChannelName() string
 }
--- a/relay/channel/ali/adaptor.go
+++ b/relay/channel/ali/adaptor.go
@@ -57,7 +57,7 @@ func (a *Adaptor) DoRequest(c *gin.Context, info *relaycommon.RelayInfo, request
 	return channel.DoApiRequest(a, c, info, requestBody)
 }

-func (a *Adaptor) DoResponse(c *gin.Context, resp *http.Response, info *relaycommon.RelayInfo) (usage *dto.Usage, err *dto.OpenAIErrorWithStatusCode) {
+func (a *Adaptor) DoResponse(c *gin.Context, resp *http.Response, info *relaycommon.RelayInfo) (usage *dto.Usage, err *dto.OpenAIErrorWithStatusCode, sensitiveResp *dto.SensitiveResponse) {
 	if info.IsStream {
 		err, usage = aliStreamHandler(c, resp)
 	} else {
--- a/relay/channel/baidu/adaptor.go
+++ b/relay/channel/baidu/adaptor.go
@@ -69,7 +69,7 @@ func (a *Adaptor) DoRequest(c *gin.Context, info *relaycommon.RelayInfo, request
 	return channel.DoApiRequest(a, c, info, requestBody)
 }

-func (a *Adaptor) DoResponse(c *gin.Context, resp *http.Response, info *relaycommon.RelayInfo) (usage *dto.Usage, err *dto.OpenAIErrorWithStatusCode) {
+func (a *Adaptor) DoResponse(c *gin.Context, resp *http.Response, info *relaycommon.RelayInfo) (usage *dto.Usage, err *dto.OpenAIErrorWithStatusCode, sensitiveResp *dto.SensitiveResponse) {
 	if info.IsStream {
 		err, usage = baiduStreamHandler(c, resp)
 	} else {
--- a/relay/channel/claude/adaptor.go
+++ b/relay/channel/claude/adaptor.go
@@ -63,7 +63,7 @@ func (a *Adaptor) DoRequest(c *gin.Context, info *relaycommon.RelayInfo, request
 	return channel.DoApiRequest(a, c, info, requestBody)
 }

-func (a *Adaptor) DoResponse(c *gin.Context, resp *http.Response, info *relaycommon.RelayInfo) (usage *dto.Usage, err *dto.OpenAIErrorWithStatusCode) {
+func (a *Adaptor) DoResponse(c *gin.Context, resp *http.Response, info *relaycommon.RelayInfo) (usage *dto.Usage, err *dto.OpenAIErrorWithStatusCode, sensitiveResp *dto.SensitiveResponse) {
 	if info.IsStream {
 		err, usage = claudeStreamHandler(a.RequestMode, info.UpstreamModelName, info.PromptTokens, c, resp)
 	} else {
--- a/relay/channel/claude/relay-claude.go
+++ b/relay/channel/claude/relay-claude.go
@@ -8,6 +8,7 @@ import (
 	"io"
 	"net/http"
 	"one-api/common"
+	"one-api/constant"
 	"one-api/dto"
 	"one-api/service"
 	"strings"
@@ -149,6 +150,9 @@ func streamResponseClaude2OpenAI(reqMode int, claudeResponse *ClaudeResponse) (*
 			claudeUsage = &claudeResponse.Usage
 		}
 	}
+	if claudeUsage == nil {
+		claudeUsage = &ClaudeUsage{}
+	}
 	response.Choices = append(response.Choices, choice)
 	return &response, claudeUsage
 }
@@ -194,7 +198,8 @@ func responseClaude2OpenAI(reqMode int, claudeResponse *ClaudeResponse) *dto.Ope

 func claudeStreamHandler(requestMode int, modelName string, promptTokens int, c *gin.Context, resp *http.Response) (*dto.OpenAIErrorWithStatusCode, *dto.Usage) {
 	responseId := fmt.Sprintf("chatcmpl-%s", common.GetUUID())
-	var usage dto.Usage
+	var usage *dto.Usage
+	usage = &dto.Usage{}
 	responseText := ""
 	createdTime := common.GetTimestamp()
 	scanner := bufio.NewScanner(resp.Body)
@@ -277,13 +282,13 @@ func claudeStreamHandler(requestMode int, modelName string, promptTokens int, c
 		return service.OpenAIErrorWrapper(err, "close_response_body_failed", http.StatusInternalServerError), nil
 	}
 	if requestMode == RequestModeCompletion {
-		usage = *service.ResponseText2Usage(responseText, modelName, promptTokens)
+		usage, _ = service.ResponseText2Usage(responseText, modelName, promptTokens)
 	} else {
 		if usage.CompletionTokens == 0 {
-			usage = *service.ResponseText2Usage(responseText, modelName, usage.PromptTokens)
+			usage, _ = service.ResponseText2Usage(responseText, modelName, usage.PromptTokens)
 		}
 	}
-	return nil, &usage
+	return nil, usage
 }

 func claudeHandler(requestMode int, c *gin.Context, resp *http.Response, promptTokens int, model string) (*dto.OpenAIErrorWithStatusCode, *dto.Usage) {
@@ -312,7 +317,10 @@ func claudeHandler(requestMode int, c *gin.Context, resp *http.Response, promptT
 		}, nil
 	}
 	fullTextResponse := responseClaude2OpenAI(requestMode, &claudeResponse)
-	completionTokens := service.CountTokenText(claudeResponse.Completion, model)
+	completionTokens, err, _ := service.CountTokenText(claudeResponse.Completion, model, constant.ShouldCheckCompletionSensitive())
+	if err != nil {
+		return service.OpenAIErrorWrapper(err, "count_token_text_failed", http.StatusInternalServerError), nil
+	}
 	usage := dto.Usage{}
 	if requestMode == RequestModeCompletion {
 		usage.PromptTokens = promptTokens
--- a/relay/channel/gemini/adaptor.go
+++ b/relay/channel/gemini/adaptor.go
@@ -47,11 +47,11 @@ func (a *Adaptor) DoRequest(c *gin.Context, info *relaycommon.RelayInfo, request
 	return channel.DoApiRequest(a, c, info, requestBody)
 }

-func (a *Adaptor) DoResponse(c *gin.Context, resp *http.Response, info *relaycommon.RelayInfo) (usage *dto.Usage, err *dto.OpenAIErrorWithStatusCode) {
+func (a *Adaptor) DoResponse(c *gin.Context, resp *http.Response, info *relaycommon.RelayInfo) (usage *dto.Usage, err *dto.OpenAIErrorWithStatusCode, sensitiveResp *dto.SensitiveResponse) {
 	if info.IsStream {
 		var responseText string
 		err, responseText = geminiChatStreamHandler(c, resp)
-		usage = service.ResponseText2Usage(responseText, info.UpstreamModelName, info.PromptTokens)
+		usage, _ = service.ResponseText2Usage(responseText, info.UpstreamModelName, info.PromptTokens)
 	} else {
 		err, usage = geminiChatHandler(c, resp, info.PromptTokens, info.UpstreamModelName)
 	}
--- a/relay/channel/gemini/relay-gemini.go
+++ b/relay/channel/gemini/relay-gemini.go
@@ -7,6 +7,7 @@ import (
 	"io"
 	"net/http"
 	"one-api/common"
+	"one-api/constant"
 	"one-api/dto"
 	relaycommon "one-api/relay/common"
 	"one-api/service"
@@ -256,7 +257,7 @@ func geminiChatHandler(c *gin.Context, resp *http.Response, promptTokens int, mo
 		}, nil
 	}
 	fullTextResponse := responseGeminiChat2OpenAI(&geminiResponse)
-	completionTokens := service.CountTokenText(geminiResponse.GetResponseText(), model)
+	completionTokens, _, _ := service.CountTokenText(geminiResponse.GetResponseText(), model, constant.ShouldCheckCompletionSensitive())
 	usage := dto.Usage{
 		PromptTokens:     promptTokens,
 		CompletionTokens: completionTokens,
--- a/relay/channel/ollama/adaptor.go
+++ b/relay/channel/ollama/adaptor.go
@@ -39,13 +39,13 @@ func (a *Adaptor) DoRequest(c *gin.Context, info *relaycommon.RelayInfo, request
 	return channel.DoApiRequest(a, c, info, requestBody)
 }

-func (a *Adaptor) DoResponse(c *gin.Context, resp *http.Response, info *relaycommon.RelayInfo) (usage *dto.Usage, err *dto.OpenAIErrorWithStatusCode) {
+func (a *Adaptor) DoResponse(c *gin.Context, resp *http.Response, info *relaycommon.RelayInfo) (usage *dto.Usage, err *dto.OpenAIErrorWithStatusCode, sensitiveResp *dto.SensitiveResponse) {
 	if info.IsStream {
 		var responseText string
 		err, responseText = openai.OpenaiStreamHandler(c, resp, info.RelayMode)
-		usage = service.ResponseText2Usage(responseText, info.UpstreamModelName, info.PromptTokens)
+		usage, _ = service.ResponseText2Usage(responseText, info.UpstreamModelName, info.PromptTokens)
 	} else {
-		err, usage = openai.OpenaiHandler(c, resp, info.PromptTokens, info.UpstreamModelName)
+		err, usage, sensitiveResp = openai.OpenaiHandler(c, resp, info.PromptTokens, info.UpstreamModelName, info.RelayMode)
 	}
 	return
 }
--- a/relay/channel/openai/adaptor.go
+++ b/relay/channel/openai/adaptor.go
@@ -71,13 +71,13 @@ func (a *Adaptor) DoRequest(c *gin.Context, info *relaycommon.RelayInfo, request
 	return channel.DoApiRequest(a, c, info, requestBody)
 }

-func (a *Adaptor) DoResponse(c *gin.Context, resp *http.Response, info *relaycommon.RelayInfo) (usage *dto.Usage, err *dto.OpenAIErrorWithStatusCode) {
+func (a *Adaptor) DoResponse(c *gin.Context, resp *http.Response, info *relaycommon.RelayInfo) (usage *dto.Usage, err *dto.OpenAIErrorWithStatusCode, sensitiveResp *dto.SensitiveResponse) {
 	if info.IsStream {
 		var responseText string
 		err, responseText = OpenaiStreamHandler(c, resp, info.RelayMode)
-		usage = service.ResponseText2Usage(responseText, info.UpstreamModelName, info.PromptTokens)
+		usage, _ = service.ResponseText2Usage(responseText, info.UpstreamModelName, info.PromptTokens)
 	} else {
-		err, usage = OpenaiHandler(c, resp, info.PromptTokens, info.UpstreamModelName)
+		err, usage, sensitiveResp = OpenaiHandler(c, resp, info.PromptTokens, info.UpstreamModelName, info.RelayMode)
 	}
 	return
 }
--- a/relay/channel/openai/relay-openai.go
+++ b/relay/channel/openai/relay-openai.go
@@ -4,10 +4,14 @@ import (
 	"bufio"
 	"bytes"
 	"encoding/json"
+	"errors"
+	"fmt"
 	"github.com/gin-gonic/gin"
 	"io"
+	"log"
 	"net/http"
 	"one-api/common"
+	"one-api/constant"
 	"one-api/dto"
 	relayconstant "one-api/relay/constant"
 	"one-api/service"
@@ -17,6 +21,7 @@ import (
 )

 func OpenaiStreamHandler(c *gin.Context, resp *http.Response, relayMode int) (*dto.OpenAIErrorWithStatusCode, string) {
+	checkSensitive := constant.ShouldCheckCompletionSensitive()
 	var responseTextBuilder strings.Builder
 	scanner := bufio.NewScanner(resp.Body)
 	scanner.Split(func(data []byte, atEOF bool) (advance int, token []byte, err error) {
@@ -36,11 +41,10 @@ func OpenaiStreamHandler(c *gin.Context, resp *http.Response, relayMode int) (*d
 	defer close(stopChan)
 	defer close(dataChan)
 	var wg sync.WaitGroup
-
 	go func() {
 		wg.Add(1)
 		defer wg.Done()
-		var streamItems []string
+		var streamItems []string // store stream items
 		for scanner.Scan() {
 			data := scanner.Text()
 			if len(data) < 6 { // ignore blank line or wrong format
@@ -49,11 +53,20 @@ func OpenaiStreamHandler(c *gin.Context, resp *http.Response, relayMode int) (*d
 			if data[:6] != "data: " && data[:6] != "[DONE]" {
 				continue
 			}
+			sensitive := false
+			if checkSensitive {
+				// check sensitive
+				sensitive, _, data = service.SensitiveWordReplace(data, false)
+			}
 			dataChan <- data
 			data = data[6:]
 			if !strings.HasPrefix(data, "[DONE]") {
 				streamItems = append(streamItems, data)
 			}
+			if sensitive && constant.StopOnSensitiveEnabled {
+				dataChan <- "data: [DONE]"
+				break
+			}
 		}
 		streamResp := "[" + strings.Join(streamItems, ",") + "]"
 		switch relayMode {
@@ -111,55 +124,118 @@ func OpenaiStreamHandler(c *gin.Context, resp *http.Response, relayMode int) (*d
 	return nil, responseTextBuilder.String()
 }

-func OpenaiHandler(c *gin.Context, resp *http.Response, promptTokens int, model string) (*dto.OpenAIErrorWithStatusCode, *dto.Usage) {
-	var textResponse dto.TextResponse
+func OpenaiHandler(c *gin.Context, resp *http.Response, promptTokens int, model string, relayMode int) (*dto.OpenAIErrorWithStatusCode, *dto.Usage, *dto.SensitiveResponse) {
+	var responseWithError dto.TextResponseWithError
 	responseBody, err := io.ReadAll(resp.Body)
 	if err != nil {
-		return service.OpenAIErrorWrapper(err, "read_response_body_failed", http.StatusInternalServerError), nil
+		return service.OpenAIErrorWrapper(err, "read_response_body_failed", http.StatusInternalServerError), nil, nil
 	}
 	err = resp.Body.Close()
 	if err != nil {
-		return service.OpenAIErrorWrapper(err, "close_response_body_failed", http.StatusInternalServerError), nil
+		return service.OpenAIErrorWrapper(err, "close_response_body_failed", http.StatusInternalServerError), nil, nil
 	}
-	err = json.Unmarshal(responseBody, &textResponse)
+	err = json.Unmarshal(responseBody, &responseWithError)
 	if err != nil {
-		return service.OpenAIErrorWrapper(err, "unmarshal_response_body_failed", http.StatusInternalServerError), nil
+		log.Printf("unmarshal_response_body_failed: body: %s, err: %v", string(responseBody), err)
+		return service.OpenAIErrorWrapper(err, "unmarshal_response_body_failed", http.StatusInternalServerError), nil, nil
 	}
-	if textResponse.Error.Type != "" {
+	if responseWithError.Error.Type != "" {
 		return &dto.OpenAIErrorWithStatusCode{
-			Error:      textResponse.Error,
+			Error:      responseWithError.Error,
 			StatusCode: resp.StatusCode,
-		}, nil
-	}
-	// Reset response body
-	resp.Body = io.NopCloser(bytes.NewBuffer(responseBody))
-	// We shouldn't set the header before we parse the response body, because the parse part may fail.
-	// And then we will have to send an error response, but in this case, the header has already been set.
-	// So the httpClient will be confused by the response.
-	// For example, Postman will report error, and we cannot check the response at all.
-	for k, v := range resp.Header {
-		c.Writer.Header().Set(k, v[0])
-	}
-	c.Writer.WriteHeader(resp.StatusCode)
-	_, err = io.Copy(c.Writer, resp.Body)
-	if err != nil {
-		return service.OpenAIErrorWrapper(err, "copy_response_body_failed", http.StatusInternalServerError), nil
-	}
-	err = resp.Body.Close()
-	if err != nil {
-		return service.OpenAIErrorWrapper(err, "close_response_body_failed", http.StatusInternalServerError), nil
+		}, nil, nil
 	}

-	if textResponse.Usage.TotalTokens == 0 {
-		completionTokens := 0
-		for _, choice := range textResponse.Choices {
-			completionTokens += service.CountTokenText(string(choice.Message.Content), model)
+	checkSensitive := constant.ShouldCheckCompletionSensitive()
+	sensitiveWords := make([]string, 0)
+	triggerSensitive := false
+
+	usage := &responseWithError.Usage
+
+	//textResponse := &dto.TextResponse{
+	//	Choices: responseWithError.Choices,
+	//	Usage:   responseWithError.Usage,
+	//}
+	var doResponseBody []byte
+
+	switch relayMode {
+	case relayconstant.RelayModeEmbeddings:
+		embeddingResponse := &dto.OpenAIEmbeddingResponse{
+			Object: responseWithError.Object,
+			Data:   responseWithError.Data,
+			Model:  responseWithError.Model,
+			Usage:  *usage,
 		}
-		textResponse.Usage = dto.Usage{
-			PromptTokens:     promptTokens,
-			CompletionTokens: completionTokens,
-			TotalTokens:      promptTokens + completionTokens,
+		doResponseBody, err = json.Marshal(embeddingResponse)
+	default:
+		if responseWithError.Usage.TotalTokens == 0 || checkSensitive {
+			completionTokens := 0
+			for i, choice := range responseWithError.Choices {
+				stringContent := string(choice.Message.Content)
+				ctkm, _, _ := service.CountTokenText(stringContent, model, false)
+				completionTokens += ctkm
+				if checkSensitive {
+					sensitive, words, stringContent := service.SensitiveWordReplace(stringContent, false)
+					if sensitive {
+						triggerSensitive = true
+						msg := choice.Message
+						msg.Content = common.StringToByteSlice(stringContent)
+						responseWithError.Choices[i].Message = msg
+						sensitiveWords = append(sensitiveWords, words...)
+					}
+				}
+			}
+			responseWithError.Usage = dto.Usage{
+				PromptTokens:     promptTokens,
+				CompletionTokens: completionTokens,
+				TotalTokens:      promptTokens + completionTokens,
+			}
+		}
+		textResponse := &dto.TextResponse{
+			Id:      responseWithError.Id,
+			Created: responseWithError.Created,
+			Object:  responseWithError.Object,
+			Choices: responseWithError.Choices,
+			Model:   responseWithError.Model,
+			Usage:   *usage,
+		}
+		doResponseBody, err = json.Marshal(textResponse)
+	}
+
+	if checkSensitive && triggerSensitive && constant.StopOnSensitiveEnabled {
+		sensitiveWords = common.RemoveDuplicate(sensitiveWords)
+		return service.OpenAIErrorWrapper(errors.New(fmt.Sprintf("sensitive words detected on response: %s",
+				strings.Join(sensitiveWords, ", "))), "sensitive_words_detected", http.StatusBadRequest),
+			usage, &dto.SensitiveResponse{
+				SensitiveWords: sensitiveWords,
+			}
+	} else {
+		// Reset response body
+		resp.Body = io.NopCloser(bytes.NewBuffer(doResponseBody))
+		// We shouldn't set the header before we parse the response body, because the parse part may fail.
+		// And then we will have to send an error response, but in this case, the header has already been set.
+		// So the httpClient will be confused by the response.
+		// For example, Postman will report error, and we cannot check the response at all.
+		// Copy headers
+		for k, v := range resp.Header {
+			// 删除任何现有的相同头部，以防止重复添加头部
+			c.Writer.Header().Del(k)
+			for _, vv := range v {
+				c.Writer.Header().Add(k, vv)
+			}
+		}
+		// reset content length
+		c.Writer.Header().Del("Content-Length")
+		c.Writer.Header().Set("Content-Length", fmt.Sprintf("%d", len(doResponseBody)))
+		c.Writer.WriteHeader(resp.StatusCode)
+		_, err = io.Copy(c.Writer, resp.Body)
+		if err != nil {
+			return service.OpenAIErrorWrapper(err, "copy_response_body_failed", http.StatusInternalServerError), nil, nil
+		}
+		err = resp.Body.Close()
+		if err != nil {
+			return service.OpenAIErrorWrapper(err, "close_response_body_failed", http.StatusInternalServerError), nil, nil
 		}
 	}
-	return nil, &textResponse.Usage
+	return nil, usage, nil
 }
--- a/relay/channel/palm/adaptor.go
+++ b/relay/channel/palm/adaptor.go
@@ -39,11 +39,11 @@ func (a *Adaptor) DoRequest(c *gin.Context, info *relaycommon.RelayInfo, request
 	return channel.DoApiRequest(a, c, info, requestBody)
 }

-func (a *Adaptor) DoResponse(c *gin.Context, resp *http.Response, info *relaycommon.RelayInfo) (usage *dto.Usage, err *dto.OpenAIErrorWithStatusCode) {
+func (a *Adaptor) DoResponse(c *gin.Context, resp *http.Response, info *relaycommon.RelayInfo) (usage *dto.Usage, err *dto.OpenAIErrorWithStatusCode, sensitiveResp *dto.SensitiveResponse) {
 	if info.IsStream {
 		var responseText string
 		err, responseText = palmStreamHandler(c, resp)
-		usage = service.ResponseText2Usage(responseText, info.UpstreamModelName, info.PromptTokens)
+		usage, _ = service.ResponseText2Usage(responseText, info.UpstreamModelName, info.PromptTokens)
 	} else {
 		err, usage = palmHandler(c, resp, info.PromptTokens, info.UpstreamModelName)
 	}
--- a/relay/channel/palm/relay-palm.go
+++ b/relay/channel/palm/relay-palm.go
@@ -7,6 +7,7 @@ import (
 	"io"
 	"net/http"
 	"one-api/common"
+	"one-api/constant"
 	"one-api/dto"
 	relaycommon "one-api/relay/common"
 	"one-api/service"
@@ -156,7 +157,7 @@ func palmHandler(c *gin.Context, resp *http.Response, promptTokens int, model st
 		}, nil
 	}
 	fullTextResponse := responsePaLM2OpenAI(&palmResponse)
-	completionTokens := service.CountTokenText(palmResponse.Candidates[0].Content, model)
+	completionTokens, _, _ := service.CountTokenText(palmResponse.Candidates[0].Content, model, constant.ShouldCheckCompletionSensitive())
 	usage := dto.Usage{
 		PromptTokens:     promptTokens,
 		CompletionTokens: completionTokens,
--- a/relay/channel/perplexity/adaptor.go
+++ b/relay/channel/perplexity/adaptor.go
@@ -43,13 +43,13 @@ func (a *Adaptor) DoRequest(c *gin.Context, info *relaycommon.RelayInfo, request
 	return channel.DoApiRequest(a, c, info, requestBody)
 }

-func (a *Adaptor) DoResponse(c *gin.Context, resp *http.Response, info *relaycommon.RelayInfo) (usage *dto.Usage, err *dto.OpenAIErrorWithStatusCode) {
+func (a *Adaptor) DoResponse(c *gin.Context, resp *http.Response, info *relaycommon.RelayInfo) (usage *dto.Usage, err *dto.OpenAIErrorWithStatusCode, sensitiveResp *dto.SensitiveResponse) {
 	if info.IsStream {
 		var responseText string
 		err, responseText = openai.OpenaiStreamHandler(c, resp, info.RelayMode)
-		usage = service.ResponseText2Usage(responseText, info.UpstreamModelName, info.PromptTokens)
+		usage, _ = service.ResponseText2Usage(responseText, info.UpstreamModelName, info.PromptTokens)
 	} else {
-		err, usage = openai.OpenaiHandler(c, resp, info.PromptTokens, info.UpstreamModelName)
+		err, usage, sensitiveResp = openai.OpenaiHandler(c, resp, info.PromptTokens, info.UpstreamModelName, info.RelayMode)
 	}
 	return
 }
--- a/relay/channel/tencent/adaptor.go
+++ b/relay/channel/tencent/adaptor.go
@@ -53,11 +53,11 @@ func (a *Adaptor) DoRequest(c *gin.Context, info *relaycommon.RelayInfo, request
 	return channel.DoApiRequest(a, c, info, requestBody)
 }

-func (a *Adaptor) DoResponse(c *gin.Context, resp *http.Response, info *relaycommon.RelayInfo) (usage *dto.Usage, err *dto.OpenAIErrorWithStatusCode) {
+func (a *Adaptor) DoResponse(c *gin.Context, resp *http.Response, info *relaycommon.RelayInfo) (usage *dto.Usage, err *dto.OpenAIErrorWithStatusCode, sensitiveResp *dto.SensitiveResponse) {
 	if info.IsStream {
 		var responseText string
 		err, responseText = tencentStreamHandler(c, resp)
-		usage = service.ResponseText2Usage(responseText, info.UpstreamModelName, info.PromptTokens)
+		usage, _ = service.ResponseText2Usage(responseText, info.UpstreamModelName, info.PromptTokens)
 	} else {
 		err, usage = tencentHandler(c, resp)
 	}
--- a/relay/channel/xunfei/adaptor.go
+++ b/relay/channel/xunfei/adaptor.go
@@ -43,13 +43,13 @@ func (a *Adaptor) DoRequest(c *gin.Context, info *relaycommon.RelayInfo, request
 	return dummyResp, nil
 }

-func (a *Adaptor) DoResponse(c *gin.Context, resp *http.Response, info *relaycommon.RelayInfo) (usage *dto.Usage, err *dto.OpenAIErrorWithStatusCode) {
+func (a *Adaptor) DoResponse(c *gin.Context, resp *http.Response, info *relaycommon.RelayInfo) (usage *dto.Usage, err *dto.OpenAIErrorWithStatusCode, sensitiveResp *dto.SensitiveResponse) {
 	splits := strings.Split(info.ApiKey, "|")
 	if len(splits) != 3 {
-		return nil, service.OpenAIErrorWrapper(errors.New("invalid auth"), "invalid_auth", http.StatusBadRequest)
+		return nil, service.OpenAIErrorWrapper(errors.New("invalid auth"), "invalid_auth", http.StatusBadRequest), nil
 	}
 	if a.request == nil {
-		return nil, service.OpenAIErrorWrapper(errors.New("request is nil"), "request_is_nil", http.StatusBadRequest)
+		return nil, service.OpenAIErrorWrapper(errors.New("request is nil"), "request_is_nil", http.StatusBadRequest), nil
 	}
 	if info.IsStream {
 		err, usage = xunfeiStreamHandler(c, *a.request, splits[0], splits[1], splits[2])
--- a/relay/channel/zhipu/adaptor.go
+++ b/relay/channel/zhipu/adaptor.go
@@ -46,7 +46,7 @@ func (a *Adaptor) DoRequest(c *gin.Context, info *relaycommon.RelayInfo, request
 	return channel.DoApiRequest(a, c, info, requestBody)
 }

-func (a *Adaptor) DoResponse(c *gin.Context, resp *http.Response, info *relaycommon.RelayInfo) (usage *dto.Usage, err *dto.OpenAIErrorWithStatusCode) {
+func (a *Adaptor) DoResponse(c *gin.Context, resp *http.Response, info *relaycommon.RelayInfo) (usage *dto.Usage, err *dto.OpenAIErrorWithStatusCode, sensitiveResp *dto.SensitiveResponse) {
 	if info.IsStream {
 		err, usage = zhipuStreamHandler(c, resp)
 	} else {
--- a/relay/channel/zhipu_4v/adaptor.go
+++ b/relay/channel/zhipu_4v/adaptor.go
@@ -44,13 +44,13 @@ func (a *Adaptor) DoRequest(c *gin.Context, info *relaycommon.RelayInfo, request
 	return channel.DoApiRequest(a, c, info, requestBody)
 }

-func (a *Adaptor) DoResponse(c *gin.Context, resp *http.Response, info *relaycommon.RelayInfo) (usage *dto.Usage, err *dto.OpenAIErrorWithStatusCode) {
+func (a *Adaptor) DoResponse(c *gin.Context, resp *http.Response, info *relaycommon.RelayInfo) (usage *dto.Usage, err *dto.OpenAIErrorWithStatusCode, sensitiveResp *dto.SensitiveResponse) {
 	if info.IsStream {
 		var responseText string
 		err, responseText = openai.OpenaiStreamHandler(c, resp, info.RelayMode)
-		usage = service.ResponseText2Usage(responseText, info.UpstreamModelName, info.PromptTokens)
+		usage, _ = service.ResponseText2Usage(responseText, info.UpstreamModelName, info.PromptTokens)
 	} else {
-		err, usage = openai.OpenaiHandler(c, resp, info.PromptTokens, info.UpstreamModelName)
+		err, usage, sensitiveResp = openai.OpenaiHandler(c, resp, info.PromptTokens, info.UpstreamModelName, info.RelayMode)
 	}
 	return
 }
--- a/relay/common/relay_utils.go
+++ b/relay/common/relay_utils.go
@@ -35,7 +35,7 @@ func RelayErrorHandler(resp *http.Response) (OpenAIErrorWithStatusCode *dto.Open
 	if err != nil {
 		return
 	}
-	var textResponse dto.TextResponse
+	var textResponse dto.TextResponseWithError
 	err = json.Unmarshal(responseBody, &textResponse)
 	if err != nil {
 		return
--- a/relay/relay-audio.go
+++ b/relay/relay-audio.go
@@ -10,6 +10,7 @@ import (
 	"io"
 	"net/http"
 	"one-api/common"
+	"one-api/constant"
 	"one-api/dto"
 	"one-api/model"
 	relaycommon "one-api/relay/common"
@@ -62,8 +63,16 @@ func AudioHelper(c *gin.Context, relayMode int) *dto.OpenAIErrorWithStatusCode {
 			return service.OpenAIErrorWrapper(errors.New("voice must be one of "+strings.Join(availableVoices, ", ")), "invalid_field_value", http.StatusBadRequest)
 		}
 	}
-
+	var err error
+	promptTokens := 0
 	preConsumedTokens := common.PreConsumedQuota
+	if strings.HasPrefix(audioRequest.Model, "tts-1") {
+		promptTokens, err, _ = service.CountAudioToken(audioRequest.Input, audioRequest.Model, constant.ShouldCheckPromptSensitive())
+		if err != nil {
+			return service.OpenAIErrorWrapper(err, "count_audio_token_failed", http.StatusInternalServerError)
+		}
+		preConsumedTokens = promptTokens
+	}
 	modelRatio := common.GetModelRatio(audioRequest.Model)
 	groupRatio := common.GetGroupRatio(group)
 	ratio := modelRatio * groupRatio
@@ -161,12 +170,10 @@ func AudioHelper(c *gin.Context, relayMode int) *dto.OpenAIErrorWithStatusCode {
 		go func() {
 			useTimeSeconds := time.Now().Unix() - startTime.Unix()
 			quota := 0
-			var promptTokens = 0
 			if strings.HasPrefix(audioRequest.Model, "tts-1") {
-				quota = service.CountAudioToken(audioRequest.Input, audioRequest.Model)
-				promptTokens = quota
+				quota = promptTokens
 			} else {
-				quota = service.CountAudioToken(audioResponse.Text, audioRequest.Model)
+				quota, err, _ = service.CountAudioToken(audioResponse.Text, audioRequest.Model, constant.ShouldCheckCompletionSensitive())
 			}
 			quota = int(float64(quota) * ratio)
 			if ratio != 0 && quota <= 0 {
@@ -208,6 +215,10 @@ func AudioHelper(c *gin.Context, relayMode int) *dto.OpenAIErrorWithStatusCode {
 		if err != nil {
 			return service.OpenAIErrorWrapper(err, "unmarshal_response_body_failed", http.StatusInternalServerError)
 		}
+		contains, words := service.SensitiveWordContains(audioResponse.Text)
+		if contains {
+			return service.OpenAIErrorWrapper(errors.New("response contains sensitive words: "+strings.Join(words, ", ")), "response_contains_sensitive_words", http.StatusBadRequest)
+		}
 	}

 	resp.Body = io.NopCloser(bytes.NewBuffer(responseBody))
--- a/relay/relay-text.go
+++ b/relay/relay-text.go
@@ -10,6 +10,7 @@ import (
 	"math"
 	"net/http"
 	"one-api/common"
+	"one-api/constant"
 	"one-api/dto"
 	"one-api/model"
 	relaycommon "one-api/relay/common"
@@ -96,10 +97,14 @@ func TextHelper(c *gin.Context) *dto.OpenAIErrorWithStatusCode {
 	var preConsumedQuota int
 	var ratio float64
 	var modelRatio float64
-	promptTokens, err := getPromptTokens(textRequest, relayInfo)
+	//err := service.SensitiveWordsCheck(textRequest)
+	promptTokens, err, sensitiveTrigger := getPromptTokens(textRequest, relayInfo)

 	// count messages token error 计算promptTokens错误
 	if err != nil {
+		if sensitiveTrigger {
+			return service.OpenAIErrorWrapper(err, "sensitive_words_detected", http.StatusBadRequest)
+		}
 		return service.OpenAIErrorWrapper(err, "count_token_messages_failed", http.StatusInternalServerError)
 	}

@@ -160,34 +165,44 @@ func TextHelper(c *gin.Context) *dto.OpenAIErrorWithStatusCode {
 		return service.RelayErrorHandler(resp)
 	}

-	usage, openaiErr := adaptor.DoResponse(c, resp, relayInfo)
+	usage, openaiErr, sensitiveResp := adaptor.DoResponse(c, resp, relayInfo)
 	if openaiErr != nil {
-		returnPreConsumedQuota(c, relayInfo.TokenId, userQuota, preConsumedQuota)
-		return openaiErr
+		if sensitiveResp == nil { // 如果没有敏感词检查结果
+			returnPreConsumedQuota(c, relayInfo.TokenId, userQuota, preConsumedQuota)
+			return openaiErr
+		} else {
+			// 如果有敏感词检查结果，不返回预消耗配额，继续消耗配额
+			postConsumeQuota(c, relayInfo, *textRequest, usage, ratio, preConsumedQuota, userQuota, modelRatio, groupRatio, modelPrice, sensitiveResp)
+			if constant.StopOnSensitiveEnabled { // 是否直接返回错误
+				return openaiErr
+			}
+			return nil
+		}
 	}
-	postConsumeQuota(c, relayInfo, *textRequest, usage, ratio, preConsumedQuota, userQuota, modelRatio, groupRatio, modelPrice)
+	postConsumeQuota(c, relayInfo, *textRequest, usage, ratio, preConsumedQuota, userQuota, modelRatio, groupRatio, modelPrice, nil)
 	return nil
 }

-func getPromptTokens(textRequest *dto.GeneralOpenAIRequest, info *relaycommon.RelayInfo) (int, error) {
+func getPromptTokens(textRequest *dto.GeneralOpenAIRequest, info *relaycommon.RelayInfo) (int, error, bool) {
 	var promptTokens int
 	var err error
-
+	var sensitiveTrigger bool
+	checkSensitive := constant.ShouldCheckPromptSensitive()
 	switch info.RelayMode {
 	case relayconstant.RelayModeChatCompletions:
-		promptTokens, err = service.CountTokenMessages(textRequest.Messages, textRequest.Model)
+		promptTokens, err, sensitiveTrigger = service.CountTokenMessages(textRequest.Messages, textRequest.Model, checkSensitive)
 	case relayconstant.RelayModeCompletions:
-		promptTokens, err = service.CountTokenInput(textRequest.Prompt, textRequest.Model), nil
+		promptTokens, err, sensitiveTrigger = service.CountTokenInput(textRequest.Prompt, textRequest.Model, checkSensitive)
 	case relayconstant.RelayModeModerations:
-		promptTokens, err = service.CountTokenInput(textRequest.Input, textRequest.Model), nil
+		promptTokens, err, sensitiveTrigger = service.CountTokenInput(textRequest.Input, textRequest.Model, checkSensitive)
 	case relayconstant.RelayModeEmbeddings:
-		promptTokens, err = service.CountTokenInput(textRequest.Input, textRequest.Model), nil
+		promptTokens, err, sensitiveTrigger = service.CountTokenInput(textRequest.Input, textRequest.Model, checkSensitive)
 	default:
 		err = errors.New("unknown relay mode")
 		promptTokens = 0
 	}
 	info.PromptTokens = promptTokens
-	return promptTokens, err
+	return promptTokens, err, sensitiveTrigger
 }

 // 预扣费并返回用户剩余配额
@@ -241,7 +256,10 @@ func returnPreConsumedQuota(c *gin.Context, tokenId int, userQuota int, preConsu
 	}
 }

-func postConsumeQuota(ctx *gin.Context, relayInfo *relaycommon.RelayInfo, textRequest dto.GeneralOpenAIRequest, usage *dto.Usage, ratio float64, preConsumedQuota int, userQuota int, modelRatio float64, groupRatio float64, modelPrice float64) {
+func postConsumeQuota(ctx *gin.Context, relayInfo *relaycommon.RelayInfo, textRequest dto.GeneralOpenAIRequest,
+	usage *dto.Usage, ratio float64, preConsumedQuota int, userQuota int, modelRatio float64, groupRatio float64,
+	modelPrice float64, sensitiveResp *dto.SensitiveResponse) {
+
 	useTimeSeconds := time.Now().Unix() - relayInfo.StartTime.Unix()
 	promptTokens := usage.PromptTokens
 	completionTokens := usage.CompletionTokens
@@ -275,6 +293,9 @@ func postConsumeQuota(ctx *gin.Context, relayInfo *relaycommon.RelayInfo, textRe
 		logContent += fmt.Sprintf("（可能是上游超时）")
 		common.LogError(ctx, fmt.Sprintf("total tokens is 0, cannot consume quota, userId %d, channelId %d, tokenId %d, model %s， pre-consumed quota %d", relayInfo.UserId, relayInfo.ChannelId, relayInfo.TokenId, textRequest.Model, preConsumedQuota))
 	} else {
+		if sensitiveResp != nil {
+			logContent += fmt.Sprintf("，敏感词：%s", strings.Join(sensitiveResp.SensitiveWords, ", "))
+		}
 		quotaDelta := quota - preConsumedQuota
 		err := model.PostConsumeTokenQuota(relayInfo.TokenId, userQuota, quotaDelta, preConsumedQuota, true)
 		if err != nil {
--- a/router/api-router.go
+++ b/router/api-router.go
@@ -31,13 +31,14 @@ func SetApiRouter(router *gin.Engine) {
 		apiRouter.GET("/oauth/telegram/login", middleware.CriticalRateLimit(), controller.TelegramLogin)
 		apiRouter.GET("/oauth/telegram/bind", middleware.CriticalRateLimit(), middleware.UserAuth(), controller.TelegramBind)

+		apiRouter.POST("/stripe/webhook", controller.StripeWebhook)
+
 		userRoute := apiRouter.Group("/user")
 		{
 			userRoute.POST("/register", middleware.CriticalRateLimit(), middleware.TurnstileCheck(), controller.Register)
 			userRoute.POST("/login", middleware.CriticalRateLimit(), middleware.TurnstileCheck(), controller.Login)
 			//userRoute.POST("/tokenlog", middleware.CriticalRateLimit(), controller.TokenLog)
 			userRoute.GET("/logout", controller.Logout)
-			userRoute.GET("/epay/notify", controller.EpayNotify)

 			selfRoute := userRoute.Group("/")
 			selfRoute.Use(middleware.UserAuth())
@@ -48,8 +49,8 @@ func SetApiRouter(router *gin.Engine) {
 				selfRoute.DELETE("/self", controller.DeleteSelf)
 				selfRoute.GET("/token", controller.GenerateAccessToken)
 				selfRoute.GET("/aff", controller.GetAffCode)
-				selfRoute.POST("/topup", controller.TopUp)
-				selfRoute.POST("/pay", controller.RequestEpay)
+				selfRoute.POST("/topup", middleware.CriticalRateLimit(), controller.TopUp)
+				selfRoute.POST("/pay", middleware.CriticalRateLimit(), controller.RequestPayLink)
 				selfRoute.POST("/amount", controller.RequestAmount)
 				selfRoute.POST("/aff_transfer", controller.TransferAffQuota)
 			}
@@ -63,7 +64,7 @@ func SetApiRouter(router *gin.Engine) {
 				adminRoute.POST("/", controller.CreateUser)
 				adminRoute.POST("/manage", controller.ManageUser)
 				adminRoute.PUT("/", controller.UpdateUser)
-				adminRoute.DELETE("/:id", controller.DeleteUser)
+				adminRoute.DELETE("/:id", controller.HardDeleteUser)
 			}
 		}
 		optionRoute := apiRouter.Group("/option")
--- a/service/epay.go
+++ b/service/epay.go
@@ -1,10 +0,0 @@
-package service
-
-import "one-api/common"
-
-func GetCallbackAddress() string {
-	if common.CustomCallbackAddress == "" {
-		return common.ServerAddress
-	}
-	return common.CustomCallbackAddress
-}
--- a/service/midjourney.go
+++ b/service/midjourney.go
@@ -185,7 +185,12 @@ func DoMidjourneyHttpRequest(c *gin.Context, timeout time.Duration, fullRequestU
 	req = req.WithContext(ctx)
 	req.Header.Set("Content-Type", c.Request.Header.Get("Content-Type"))
 	req.Header.Set("Accept", c.Request.Header.Get("Accept"))
-	req.Header.Set("mj-api-secret", strings.Split(c.Request.Header.Get("Authorization"), " ")[1])
+	auth := c.Request.Header.Get("Authorization")
+	if auth != "" {
+		auth = strings.TrimPrefix(auth, "Bearer ")
+		auth = strings.Split(auth, "-")[0]
+		req.Header.Set("mj-api-secret", auth)
+	}
 	defer cancel()
 	resp, err := GetHttpClient().Do(req)
 	if err != nil {
--- a/service/sensitive.go
+++ b/service/sensitive.go
@@ -0,0 +1,71 @@
+package service
+
+import (
+	"bytes"
+	"fmt"
+	"github.com/anknown/ahocorasick"
+	"one-api/constant"
+	"strings"
+)
+
+// SensitiveWordContains 是否包含敏感词，返回是否包含敏感词和敏感词列表
+func SensitiveWordContains(text string) (bool, []string) {
+	if len(constant.SensitiveWords) == 0 {
+		return false, nil
+	}
+	checkText := strings.ToLower(text)
+	// 构建一个AC自动机
+	m := initAc()
+	hits := m.MultiPatternSearch([]rune(checkText), false)
+	if len(hits) > 0 {
+		words := make([]string, 0)
+		for _, hit := range hits {
+			words = append(words, string(hit.Word))
+		}
+		return true, words
+	}
+	return false, nil
+}
+
+// SensitiveWordReplace 敏感词替换，返回是否包含敏感词和替换后的文本
+func SensitiveWordReplace(text string, returnImmediately bool) (bool, []string, string) {
+	if len(constant.SensitiveWords) == 0 {
+		return false, nil, text
+	}
+	checkText := strings.ToLower(text)
+	m := initAc()
+	hits := m.MultiPatternSearch([]rune(checkText), returnImmediately)
+	if len(hits) > 0 {
+		words := make([]string, 0)
+		for _, hit := range hits {
+			pos := hit.Pos
+			word := string(hit.Word)
+			text = text[:pos] + "**###**" + text[pos+len(word):]
+			words = append(words, word)
+		}
+		return true, words, text
+	}
+	return false, nil, text
+}
+
+func initAc() *goahocorasick.Machine {
+	m := new(goahocorasick.Machine)
+	dict := readRunes()
+	if err := m.Build(dict); err != nil {
+		fmt.Println(err)
+		return nil
+	}
+	return m
+}
+
+func readRunes() [][]rune {
+	var dict [][]rune
+
+	for _, word := range constant.SensitiveWords {
+		word = strings.ToLower(word)
+		l := bytes.TrimSpace([]byte(word))
+		dict = append(dict, bytes.Runes(l))
+	}
+
+	return dict
+}
--- a/service/token_counter.go
+++ b/service/token_counter.go
@@ -116,7 +116,7 @@ func getImageToken(imageUrl *dto.MessageImageUrl) (int, error) {
 	return tiles*170 + 85, nil
 }

-func CountTokenMessages(messages []dto.Message, model string) (int, error) {
+func CountTokenMessages(messages []dto.Message, model string, checkSensitive bool) (int, error, bool) {
 	//recover when panic
 	tokenEncoder := getTokenEncoder(model)
 	// Reference:
@@ -142,8 +142,15 @@ func CountTokenMessages(messages []dto.Message, model string) (int, error) {
 			if err := json.Unmarshal(message.Content, &arrayContent); err != nil {
 				var stringContent string
 				if err := json.Unmarshal(message.Content, &stringContent); err != nil {
-					return 0, err
+					return 0, err, false
 				} else {
+					if checkSensitive {
+						contains, words := SensitiveWordContains(stringContent)
+						if contains {
+							err := fmt.Errorf("message contains sensitive words: [%s]", strings.Join(words, ", "))
+							return 0, err, true
+						}
+					}
 					tokenNum += getTokenNum(tokenEncoder, stringContent)
 					if message.Name != nil {
 						tokenNum += tokensPerName
@@ -174,7 +181,7 @@ func CountTokenMessages(messages []dto.Message, model string) (int, error) {
 								imageTokenNum, err = getImageToken(&imageUrl)
 							}
 							if err != nil {
-								return 0, err
+								return 0, err, false
 							}
 						}
 						tokenNum += imageTokenNum
@@ -187,32 +194,46 @@ func CountTokenMessages(messages []dto.Message, model string) (int, error) {
 		}
 	}
 	tokenNum += 3 // Every reply is primed with <|start|>assistant<|message|>
-	return tokenNum, nil
+	return tokenNum, nil, false
 }

-func CountTokenInput(input any, model string) int {
+func CountTokenInput(input any, model string, check bool) (int, error, bool) {
 	switch v := input.(type) {
 	case string:
-		return CountTokenText(v, model)
+		return CountTokenText(v, model, check)
 	case []string:
 		text := ""
 		for _, s := range v {
 			text += s
 		}
-		return CountTokenText(text, model)
+		return CountTokenText(text, model, check)
 	}
-	return 0
+	return 0, errors.New("unsupported input type"), false
 }

-func CountAudioToken(text string, model string) int {
+func CountAudioToken(text string, model string, check bool) (int, error, bool) {
 	if strings.HasPrefix(model, "tts") {
-		return utf8.RuneCountInString(text)
+		contains, words := SensitiveWordContains(text)
+		if contains {
+			return utf8.RuneCountInString(text), fmt.Errorf("input contains sensitive words: [%s]", strings.Join(words, ",")), true
+		}
+		return utf8.RuneCountInString(text), nil, false
 	} else {
-		return CountTokenText(text, model)
+		return CountTokenText(text, model, check)
 	}
 }

-func CountTokenText(text string, model string) int {
+// CountTokenText 统计文本的token数量，仅当文本包含敏感词，返回错误，同时返回token数量
+func CountTokenText(text string, model string, check bool) (int, error, bool) {
+	var err error
+	var trigger bool
+	if check {
+		contains, words := SensitiveWordContains(text)
+		if contains {
+			err = fmt.Errorf("input contains sensitive words: [%s]", strings.Join(words, ","))
+			trigger = true
+		}
+	}
 	tokenEncoder := getTokenEncoder(model)
-	return getTokenNum(tokenEncoder, text)
+	return getTokenNum(tokenEncoder, text), err, trigger
 }
--- a/service/usage_helpr.go
+++ b/service/usage_helpr.go
@@ -1,27 +1,26 @@
 package service

 import (
-	"errors"
 	"one-api/dto"
-	"one-api/relay/constant"
 )

-func GetPromptTokens(textRequest dto.GeneralOpenAIRequest, relayMode int) (int, error) {
-	switch relayMode {
-	case constant.RelayModeChatCompletions:
-		return CountTokenMessages(textRequest.Messages, textRequest.Model)
-	case constant.RelayModeCompletions:
-		return CountTokenInput(textRequest.Prompt, textRequest.Model), nil
-	case constant.RelayModeModerations:
-		return CountTokenInput(textRequest.Input, textRequest.Model), nil
-	}
-	return 0, errors.New("unknown relay mode")
-}
+//func GetPromptTokens(textRequest dto.GeneralOpenAIRequest, relayMode int) (int, error) {
+//	switch relayMode {
+//	case constant.RelayModeChatCompletions:
+//		return CountTokenMessages(textRequest.Messages, textRequest.Model)
+//	case constant.RelayModeCompletions:
+//		return CountTokenInput(textRequest.Prompt, textRequest.Model), nil
+//	case constant.RelayModeModerations:
+//		return CountTokenInput(textRequest.Input, textRequest.Model), nil
+//	}
+//	return 0, errors.New("unknown relay mode")
+//}

-func ResponseText2Usage(responseText string, modeName string, promptTokens int) *dto.Usage {
+func ResponseText2Usage(responseText string, modeName string, promptTokens int) (*dto.Usage, error) {
 	usage := &dto.Usage{}
 	usage.PromptTokens = promptTokens
-	usage.CompletionTokens = CountTokenText(responseText, modeName)
+	ctkm, err, _ := CountTokenText(responseText, modeName, false)
+	usage.CompletionTokens = ctkm
 	usage.TotalTokens = usage.PromptTokens + usage.CompletionTokens
-	return usage
+	return usage, err
 }
--- a/web/.gitignore
+++ b/web/.gitignore
@@ -21,6 +21,4 @@
 npm-debug.log*
 yarn-debug.log*
 yarn-error.log*
-.idea
-package-lock.json
-yarn.lock
+.idea/
--- a/web/package.json
+++ b/web/package.json
@@ -50,7 +50,8 @@
  },
  "devDependencies": {
    "prettier": "2.8.8",
-    "typescript": "4.4.2"
+    "typescript": "4.4.2",
+    "@babel/plugin-proposal-private-property-in-object": "^7.21.11"
  },
  "prettier": {
    "singleQuote": true,
--- a/web/src/components/GitHubOAuth.js
+++ b/web/src/components/GitHubOAuth.js
@@ -18,6 +18,8 @@ const GitHubOAuth = () => {
    const res = await API.get(`/api/oauth/github?code=${code}&state=${state}&aff=${aff}`);
    const { success, message, data } = res.data;
    if (success) {
+      localStorage.removeItem('aff');
+
      if (message === 'bind') {
        showSuccess('绑定成功！');
        navigate('/setting');
--- a/web/src/components/LinuxDoOAuth.js
+++ b/web/src/components/LinuxDoOAuth.js
@@ -18,6 +18,8 @@ const LinuxDoOAuth = () => {
    const res = await API.get(`/api/oauth/linuxdo?code=${code}&state=${state}&aff=${aff}`);
    const { success, message, data } = res.data;
    if (success) {
+      localStorage.removeItem('aff');
+
      if (message === 'bind') {
        showSuccess('绑定成功！');
        navigate('/setting');
--- a/web/src/components/OperationSetting.js
+++ b/web/src/components/OperationSetting.js
@@ -10,6 +10,7 @@ const OperationSetting = () => {
    QuotaForInvitee: 0,
    QuotaRemindThreshold: 0,
    PreConsumedQuota: 0,
+    StreamCacheQueueLength: 0,
    ModelRatio: '',
    ModelPrice: '',
    GroupRatio: '',
@@ -23,6 +24,11 @@ const OperationSetting = () => {
    LogConsumeEnabled: '',
    DisplayInCurrencyEnabled: '',
    DisplayTokenStatEnabled: '',
+    CheckSensitiveEnabled: '',
+    CheckSensitiveOnPromptEnabled: '',
+    CheckSensitiveOnCompletionEnabled: '',
+    StopOnSensitiveEnabled: '',
+    SensitiveWords: '',
    MjNotifyEnabled: '',
    DrawingEnabled: '',
    DataExportEnabled: '',
@@ -130,6 +136,11 @@ const OperationSetting = () => {
          await updateOption('ModelPrice', inputs.ModelPrice);
        }
        break;
+      case 'words':
+        if (originInputs['SensitiveWords'] !== inputs.SensitiveWords) {
+          await updateOption('SensitiveWords', inputs.SensitiveWords);
+        }
+        break;
      case 'quota':
        if (originInputs['QuotaForNewUser'] !== inputs.QuotaForNewUser) {
          await updateOption('QuotaForNewUser', inputs.QuotaForNewUser);
@@ -273,6 +284,64 @@ const OperationSetting = () => {
            />
          </Form.Group>
          <Divider />
+          <Header as="h3">
+            屏蔽词过滤设置
+          </Header>
+          <Form.Group inline>
+            <Form.Checkbox
+              checked={inputs.CheckSensitiveEnabled === 'true'}
+              label="启用屏蔽词过滤功能"
+              name="CheckSensitiveEnabled"
+              onChange={handleInputChange}
+            />
+          </Form.Group>
+          <Form.Group inline>
+            <Form.Checkbox
+              checked={inputs.CheckSensitiveOnPromptEnabled === 'true'}
+              label="启用prompt检查"
+              name="CheckSensitiveOnPromptEnabled"
+              onChange={handleInputChange}
+            />
+            <Form.Checkbox
+              checked={inputs.CheckSensitiveOnCompletionEnabled === 'true'}
+              label="启用生成内容检查"
+              name="CheckSensitiveOnCompletionEnabled"
+              onChange={handleInputChange}
+            />
+          </Form.Group>
+          <Form.Group inline>
+            <Form.Checkbox
+              checked={inputs.StopOnSensitiveEnabled === 'true'}
+              label="在检测到屏蔽词时，立刻停止生成，否则替换屏蔽词"
+              name="StopOnSensitiveEnabled"
+              onChange={handleInputChange}
+            />
+          </Form.Group>
+          {/*<Form.Group>*/}
+          {/*  <Form.Input*/}
+          {/*    label="流模式下缓存队列，默认不缓存，设置越大检测越准确，但是回复会有卡顿感"*/}
+          {/*    name="StreamCacheTextLength"*/}
+          {/*    onChange={handleInputChange}*/}
+          {/*    value={inputs.StreamCacheQueueLength}*/}
+          {/*    type="number"*/}
+          {/*    min="0"*/}
+          {/*    placeholder="例如：10"*/}
+          {/*  />*/}
+          {/*</Form.Group>*/}
+          <Form.Group widths="equal">
+            <Form.TextArea
+              label="屏蔽词列表，一行一个屏蔽词，不需要符号分割"
+              name="SensitiveWords"
+              onChange={handleInputChange}
+              style={{ minHeight: 250, fontFamily: 'JetBrains Mono, Consolas' }}
+              value={inputs.SensitiveWords}
+              placeholder="一行一个屏蔽词"
+            />
+          </Form.Group>
+          <Form.Button onClick={() => {
+            submitConfig('words').then();
+          }}>保存屏蔽词设置</Form.Button>
+          <Divider />
          <Header as="h3">
            日志设置
          </Header>
--- a/web/src/components/RegisterForm.js
+++ b/web/src/components/RegisterForm.js
@@ -69,6 +69,8 @@ const RegisterForm = () => {
      );
      const { success, message } = res.data;
      if (success) {
+        localStorage.removeItem('aff');
+
        navigate('/login');
        showSuccess('注册成功！');
      } else {
--- a/web/src/components/SystemSetting.js
+++ b/web/src/components/SystemSetting.js
@@ -21,13 +21,13 @@ const SystemSetting = () => {
    SMTPFrom: '',
    SMTPToken: '',
    ServerAddress: '',
-    EpayId: '',
-    EpayKey: '',
-    Price: 7.3,
-    MinTopUp: 1,
+    StripeApiSecret: '',
+    StripeWebhookSecret: '',
+    StripePriceId: '',
+    PaymentEnabled: false,
+    StripeUnitPrice: 8.0,
+    MinTopUp: 5,
    TopupGroupRatio: '',
-    PayAddress: '',
-    CustomCallbackAddress: '',
    Footer: '',
    WeChatAuthEnabled: '',
    WeChatServerAddress: '',
@@ -92,6 +92,7 @@ const SystemSetting = () => {
      case 'TurnstileCheckEnabled':
      case 'EmailDomainRestrictionEnabled':
      case 'RegisterEnabled':
+      case 'PaymentEnabled':
        value = inputs[key] === 'true' ? 'false' : 'true';
        break;
      default:
@@ -106,9 +107,6 @@ const SystemSetting = () => {
      if (key === 'EmailDomainWhitelist') {
        value = value.split(',');
      }
-      if (key === 'Price') {
-        value = parseFloat(value);
-      }
      setInputs((inputs) => ({
        ...inputs, [key]: value
      }));
@@ -128,10 +126,11 @@ const SystemSetting = () => {
      name === 'Notice' ||
      name.startsWith('SMTP') ||
      name === 'ServerAddress' ||
-      name === 'EpayId' ||
-      name === 'EpayKey' ||
-      name === 'Price' ||
-      name === 'PayAddress' ||
+      name === 'StripeApiSecret' ||
+      name === 'StripeWebhookSecret' ||
+      name === 'StripePriceId' ||
+      name === 'StripeUnitPrice' ||
+      name === 'MinTopUp' ||
      name === 'GitHubClientId' ||
      name === 'GitHubClientSecret' ||
      name === 'LinuxDoClientId' ||
@@ -158,7 +157,7 @@ const SystemSetting = () => {
    await updateOption('ServerAddress', ServerAddress);
  };

-  const submitPayAddress = async () => {
+  const submitPaymentConfig = async () => {
    if (inputs.ServerAddress === '') {
      showError('请先填写服务器地址');
      return;
@@ -170,15 +169,30 @@ const SystemSetting = () => {
      }
      await updateOption('TopupGroupRatio', inputs.TopupGroupRatio);
    }
-    let PayAddress = removeTrailingSlash(inputs.PayAddress);
-    await updateOption('PayAddress', PayAddress);
-    if (inputs.EpayId !== '') {
-      await updateOption('EpayId', inputs.EpayId);
+    let stripeApiSecret = removeTrailingSlash(inputs.StripeApiSecret);
+    if (stripeApiSecret && !stripeApiSecret.startsWith("sk_")) {
+      showError('输入了无效的Stripe API密钥');
+      return;
    }
-    if (inputs.EpayKey !== '') {
-      await updateOption('EpayKey', inputs.EpayKey);
+    stripeApiSecret && await updateOption('StripeApiSecret', stripeApiSecret);
+
+    let stripeWebhookSecret = removeTrailingSlash(inputs.StripeWebhookSecret);
+    if (stripeWebhookSecret && !stripeWebhookSecret.startsWith("whsec_")) {
+      showError('输入了无效的Stripe Webhook签名密钥');
+      return;
    }
-    await updateOption('Price', '' + inputs.Price);
+    stripeWebhookSecret && await updateOption('StripeWebhookSecret', stripeWebhookSecret);
+
+    let stripePriceId = removeTrailingSlash(inputs.StripePriceId);
+    if (stripePriceId && !stripePriceId.startsWith("price_")) {
+      showError('输入了无效的Stripe 物品价格ID');
+      return;
+    }
+    await updateOption('StripePriceId', stripePriceId);
+
+    await updateOption('PaymentEnable', inputs.PaymentEnabled);
+    await updateOption('StripeUnitPrice', inputs.StripeUnitPrice);
+    await updateOption('MinTopUp', inputs.MinTopUp);
  };

  const submitSMTP = async () => {
@@ -318,54 +332,66 @@ const SystemSetting = () => {
            更新服务器地址
          </Form.Button>
          <Divider />
-          <Header as="h3">支付设置（当前仅支持易支付接口，默认使用上方服务器地址作为回调地址！）</Header>
+          <Header as="h3">
+            支付设置（当前仅支持Stripe Checkout）
+            <Header.Subheader>
+              密钥、Webhook 等设置请
+              <a href="https://dashboard.stripe.com/developers" target="_blank" rel="noreferrer">
+                点击此处
+              </a>
+              进行设置，最好先在
+              <a href="https://dashboard.stripe.com/test/developers" target="_blank" rel="noreferrer">
+                测试环境
+              </a>
+              进行测试
+            </Header.Subheader>
+          </Header>
+          <Message>
+            Webhook 填：
+            <code>{`${inputs.ServerAddress}/api/stripe/webhook`}</code>
+            ，需要包含事件：<code>checkout.session.completed</code> 和 <code>checkout.session.expired</code>
+          </Message>
          <Form.Group widths="equal">
            <Form.Input
-              label="支付地址，不填写则不启用在线支付"
-              placeholder="例如：https://yourdomain.com"
-              value={inputs.PayAddress}
-              name="PayAddress"
+              label="API密钥"
+              placeholder="sk_xxx的Stripe密钥，敏感信息不显示"
+              value={inputs.StripeApiSecret}
+              name="StripeApiSecret"
              onChange={handleInputChange}
            />
            <Form.Input
-              label="易支付商户ID"
-              placeholder="例如：0001"
-              value={inputs.EpayId}
-              name="EpayId"
+              label="Webhook签名密钥"
+              placeholder="whsec_xxx的Webhook签名密钥，敏感信息不显示"
+              value={inputs.StripeWebhookSecret}
+              name="StripeWebhookSecret"
              onChange={handleInputChange}
            />
            <Form.Input
-              label="易支付商户密钥"
-              placeholder="例如：dejhfueqhujasjmndbjkqaw"
-              value={inputs.EpayKey}
-              name="EpayKey"
+              label="商品价格ID"
+              placeholder="price_xxx的商品价格ID，新建产品后可获得"
+              value={inputs.StripePriceId}
+              name="StripePriceId"
              onChange={handleInputChange}
            />
-
          </Form.Group>
          <Form.Group widths="equal">
            <Form.Input
-              label="回调地址，不填写则使用上方服务器地址作为回调地址"
-              placeholder="例如：https://yourdomain.com"
-              value={inputs.CustomCallbackAddress}
-              name="CustomCallbackAddress"
-              onChange={handleInputChange}
+                label="商品单价（元）"
+                placeholder="商品的人民币价格"
+                value={inputs.StripeUnitPrice}
+                name="StripeUnitPrice"
+                type={"number"}
+                min={0}
+                onChange={handleInputChange}
            />
            <Form.Input
-              label="充值价格（x元/美金）"
-              placeholder="例如：7，就是7元/美金"
-              value={inputs.Price}
-              name="Price"
-              min={0}
-              onChange={handleInputChange}
-            />
-            <Form.Input
-              label="最低充值数量"
-              placeholder="例如：2，就是最低充值2$"
-              value={inputs.MinTopUp}
-              name="MinTopUp"
-              min={1}
-              onChange={handleInputChange}
+                label="最低充值数量"
+                placeholder="例如：2，就是最低充值2件商品"
+                value={inputs.MinTopUp}
+                name="MinTopUp"
+                type={"number"}
+                min={1}
+                onChange={handleInputChange}
            />
          </Form.Group>
          <Form.Group widths="equal">
@@ -379,9 +405,17 @@ const SystemSetting = () => {
              placeholder="为一个 JSON 文本，键为组名称，值为倍率"
            />
          </Form.Group>
-          <Form.Button onClick={submitPayAddress}>
-            更新支付设置
-          </Form.Button>
+          <Form.Group inline>
+            <Form.Button onClick={submitPaymentConfig}>
+              更新支付设置
+            </Form.Button>
+            <Form.Checkbox
+              checked={inputs.PaymentEnabled === 'true'}
+              label="开启在线支付"
+              name="PaymentEnabled"
+              onChange={handleInputChange}
+            />
+          </Form.Group>
          <Divider />
          <Header as="h3">配置登录注册</Header>
          <Form.Group inline>
--- a/web/src/components/UsersTable.js
+++ b/web/src/components/UsersTable.js
@@ -112,19 +112,33 @@ const UsersTable = () => {
          </>

      }
-      <Popconfirm
-        title="确定是否要删除此用户？"
-        content="硬删除，此修改将不可逆"
-        okType={'danger'}
-        position={'left'}
-        onConfirm={() => {
-          manageUser(record.username, 'delete', record).then(() => {
-            removeRecord(record.id);
-          });
-        }}
-      >
-        <Button theme="light" type="danger" style={{ marginRight: 1 }}>删除</Button>
-      </Popconfirm>
+      {
+        record.DeletedAt !== null ? <Popconfirm
+            title="确定是否要删除此用户？"
+            content="硬删除，此修改将不可逆"
+            okType={'danger'}
+            position={'left'}
+            onConfirm={() => {
+              hardDeleteUser(record.id).then(() => {
+                removeRecord(record.id);
+              });
+            }}
+        >
+          <Button theme="light" type="danger" style={{ marginRight: 1 }}>永久删除</Button>
+        </Popconfirm> : <Popconfirm
+            title="确定是否要删除此用户？"
+            content="软删除，数据依然留底"
+            okType={'danger'}
+            position={'left'}
+            onConfirm={() => {
+              manageUser(record.username, 'delete', record).then(() => {
+                record.DeletedAt = new Date();
+              });
+            }}
+        >
+          <Button theme="light" type="danger" style={{ marginRight: 1 }}>删除</Button>
+        </Popconfirm>
+      }
    </div>)
  }];

@@ -216,9 +230,21 @@ const UsersTable = () => {
      setUsers(newUsers);
    } else {
      showError(message);
+      throw new Error(message);
    }
  };

+  const hardDeleteUser = async (userId) => {
+    const res = await API.delete('/api/user/' + userId);
+    const { success, message } = res.data;
+    if (success) {
+      showSuccess('操作成功完成！');
+    } else {
+      showError(message);
+      throw new Error(message);
+    }
+  }
+
  const renderStatus = (status) => {
    switch (status) {
      case 1:
--- a/web/src/helpers/utils.js
+++ b/web/src/helpers/utils.js
@@ -126,6 +126,10 @@ export function openPage(url) {
 }

 export function removeTrailingSlash(url) {
+  if (!url) {
+    return "";
+  }
+
  if (url.endsWith('/')) {
    return url.slice(0, -1);
  } else {
--- a/web/src/pages/TopUp/index.js
+++ b/web/src/pages/TopUp/index.js
@@ -11,18 +11,20 @@ const TopUp = () => {
    const [topUpCode, setTopUpCode] = useState('');
    const [topUpCount, setTopUpCount] = useState(10);
    const [minTopupCount, setMinTopUpCount] = useState(1);
-    const [amount, setAmount] = useState(0.0);
+    const [payAmount, setPayAmount] = useState(0.0);
+    const [chargedAmount, setChargedAmount] = useState(0.0);
    const [minTopUp, setMinTopUp] = useState(1);
    const [topUpLink, setTopUpLink] = useState('');
-    const [enableOnlineTopUp, setEnableOnlineTopUp] = useState(false);
+    const [paymentEnabled, setPaymentEnabled] = useState(false);
    const [userQuota, setUserQuota] = useState(0);
    const [isSubmitting, setIsSubmitting] = useState(false);
+    const [isPaying, setIsPaying] = useState(false);
    const [open, setOpen] = useState(false);
    const [payWay, setPayWay] = useState('');

    const topUp = async () => {
        if (redemptionCode === '') {
-            showInfo('请输入兑换码！')
+            showError('请输入兑换码！')
            return;
        }
        setIsSubmitting(true);
@@ -57,15 +59,19 @@ const TopUp = () => {
    };

    const preTopUp = async (payment) => {
-        if (!enableOnlineTopUp) {
+        if (!paymentEnabled) {
            showError('管理员未开启在线充值！');
            return;
        }
-        if (amount === 0) {
+        if (!Number.isInteger(Number(topUpCount))) {
+            showError('充值数量必须是整数！');
+            return;
+        }
+        if (payAmount === 0) {
            await getAmount();
        }
        if (topUpCount < minTopUp) {
-            showInfo('充值数量不能小于' + minTopUp);
+            showError('充值数量不能小于' + minTopUp);
            return;
        }
        setPayWay(payment)
@@ -73,15 +79,16 @@ const TopUp = () => {
    }

    const onlineTopUp = async () => {
-        if (amount === 0) {
+        if (payAmount === 0) {
            await getAmount();
        }
        if (topUpCount < minTopUp) {
-            showInfo('充值数量不能小于' + minTopUp);
+            showError('充值数量不能小于' + minTopUp);
            return;
        }
        setOpen(false);
        try {
+            setIsPaying(true)
            const res = await API.post('/api/user/pay', {
                amount: parseInt(topUpCount),
                top_up_code: topUpCode,
@@ -91,33 +98,13 @@ const TopUp = () => {
                const {message, data} = res.data;
                // showInfo(message);
                if (message === 'success') {
-
-                    let params = data
-                    let url = res.data.url
-                    let form = document.createElement('form')
-                    form.action = url
-                    form.method = 'POST'
-                    // 判断是否为safari浏览器
-                    let isSafari = navigator.userAgent.indexOf("Safari") > -1 && navigator.userAgent.indexOf("Chrome") < 1;
-                    if (!isSafari) {
-                        form.target = '_blank'
-                    }
-                    for (let key in params) {
-                        let input = document.createElement('input')
-                        input.type = 'hidden'
-                        input.name = key
-                        input.value = params[key]
-                        form.appendChild(input)
-                    }
-                    document.body.appendChild(form)
-                    form.submit()
-                    document.body.removeChild(form)
+                    location.href = data.payLink
                } else {
+                    setIsPaying(false)
                    showError(data);
-                    // setTopUpCount(parseInt(res.data.count));
-                    // setAmount(parseInt(data));
                }
            } else {
+                setIsPaying(false)
                showError(res);
            }
        } catch (err) {
@@ -146,8 +133,8 @@ const TopUp = () => {
            if (status.min_topup) {
                setMinTopUp(status.min_topup);
            }
-            if (status.enable_online_topup) {
-                setEnableOnlineTopUp(status.enable_online_topup);
+            if (status.payment_enabled) {
+                setPaymentEnabled(status.payment_enabled);
            }
        }
        getUserQuota().then();
@@ -155,7 +142,7 @@ const TopUp = () => {

    const renderAmount = () => {
        // console.log(amount);
-        return amount + '元';
+        return payAmount + '元';
    }

    const getAmount = async (value) => {
@@ -171,7 +158,8 @@ const TopUp = () => {
                const {message, data} = res.data;
                // showInfo(message);
                if (message === 'success') {
-                    setAmount(parseFloat(data));
+                    setPayAmount(parseFloat(data.payAmount));
+                    setChargedAmount(parseFloat(data.chargedAmount));
                } else {
                    showError(data);
                    // setTopUpCount(parseInt(res.data.count));
@@ -206,7 +194,7 @@ const TopUp = () => {
                        size={'small'}
                        centered={true}
                    >
-                        <p>充值数量：{topUpCount}$</p>
+                        <p>充值数量：{topUpCount}$（实到：{chargedAmount}$）</p>
                        <p>实付金额：{renderAmount()}</p>
                        <p>是否确认充值？</p>
                    </Modal>
@@ -244,54 +232,50 @@ const TopUp = () => {
                                    </Space>
                                </Form>
                            </div>
-                            <div style={{marginTop: 20}}>
-                                <Divider>
-                                    在线充值
-                                </Divider>
-                                <Form>
-                                    <Form.Input
-                                        disabled={!enableOnlineTopUp}
-                                        field={'redemptionCount'}
-                                        label={'实付金额：' + renderAmount()}
-                                        placeholder={'充值数量，最低' + minTopUp + '$'}
-                                        name='redemptionCount'
-                                        type={'number'}
-                                        value={topUpCount}
-                                        suffix={'$'}
-                                        min={minTopUp}
-                                        defaultValue={minTopUp}
-                                        max={100000}
-                                        onChange={async (value) => {
-                                            if (value < 1) {
-                                                value = 1;
-                                            }
-                                            if (value > 100000) {
-                                                value = 100000;
-                                            }
-                                            setTopUpCount(value);
-                                            await getAmount(value);
-                                        }}
-                                    />
-                                    <Space>
-                                        <Button type={'primary'} theme={'solid'} onClick={
-                                            async () => {
-                                                preTopUp('zfb')
-                                            }
-                                        }>
-                                            支付宝
-                                        </Button>
-                                        <Button style={{backgroundColor: 'rgba(var(--semi-green-5), 1)'}}
-                                                type={'primary'}
-                                                theme={'solid'} onClick={
-                                            async () => {
-                                                preTopUp('wx')
-                                            }
-                                        }>
-                                            微信
-                                        </Button>
-                                    </Space>
-                                </Form>
-                            </div>
+                            {paymentEnabled ?
+                                <div style={{marginTop: 20}}>
+                                    <Divider>
+                                        在线充值
+                                    </Divider>
+                                    <Form>
+                                        <Form.Input
+                                            disabled={!paymentEnabled}
+                                            field={'redemptionCount'}
+                                            label={'实付金额：' + renderAmount()}
+                                            placeholder={'充值数量，必须整数，最低' + minTopUp + '$'}
+                                            name='redemptionCount'
+                                            type={'number'}
+                                            value={topUpCount}
+                                            suffix={'$'}
+                                            min={minTopUp}
+                                            defaultValue={minTopUp}
+                                            max={100000}
+                                            onChange={async (value) => {
+                                                if (value < 1) {
+                                                    value = 1;
+                                                }
+                                                if (value > 100000) {
+                                                    value = 100000;
+                                                }
+                                                setTopUpCount(value);
+                                                await getAmount(value);
+                                            }}
+                                        />
+                                        <Space>
+                                            <Button style={{backgroundColor: '#2e75cd'}}
+                                                    type={'primary'}
+                                                    disabled={isPaying}
+                                                    theme={'solid'} onClick={
+                                                async () => {
+                                                    preTopUp('stripe')
+                                                }
+                                            }>
+                                                {isPaying ? '支付中...' : '去支付'}
+                                            </Button>
+                                        </Space>
+                                    </Form>
+                                </div> : <></>
+                            }
                            {/*<div style={{ display: 'flex', justifyContent: 'right' }}>*/}
                            {/*    <Text>*/}
                            {/*        <Link onClick={*/}
--- a/web/yarn.lock
+++ b/web/yarn.lock
Author	SHA1	Message	Date
wozulong	71d60eeef7	merge upstream Signed-off-by: wozulong <>	2024-03-22 18:09:13 +08:00
wozulong	247ae0988f	replace epay with stripe Signed-off-by: wozulong <>	2024-03-22 18:00:20 +08:00
CaIon	c33b1522cc	fix: 充值并发导致订单号相同	2024-03-21 23:57:48 +08:00
CaIon	ff7da08bad	fix: add missing created	2024-03-21 23:46:43 +08:00
CaIon	3e03c5a742	fix: add missing id,object,created	2024-03-21 23:44:39 +08:00
CaIon	d9344d79cf	fix: try to fix curl: (18)	2024-03-21 23:25:07 +08:00
CaIon	c4b3d3a975	fix: fix embedding	2024-03-21 17:39:05 +08:00
CaIon	031957714a	refactor: 代码结构优化	2024-03-21 17:19:21 +08:00
CaIon	3f808be254	fix: add missing version	2024-03-21 16:26:26 +08:00
CaIon	9b64f4a34a	fix: fix mj panic	2024-03-21 15:04:04 +08:00
wozulong	0907fa6994	fix next uid Signed-off-by: wozulong <>	2024-03-21 15:02:47 +08:00
wozulong	9855343aa8	Merge remote-tracking branch 'upstream/main'	2024-03-21 15:01:51 +08:00
CaIon	222a55387d	fix: fix SensitiveWords error	2024-03-21 14:29:56 +08:00
wozulong	bd50fde268	Merge remote-tracking branch 'upstream/main'	2024-03-21 13:10:21 +08:00
CaIon	d7e25e1604	fix: fix SensitiveWords load error	2024-03-20 23:58:42 +08:00
CaIon	c7658b70d1	fix: 敏感词库为空时，不检测	2024-03-20 22:33:22 +08:00
CaIon	d5e93e788d	fix: midjourneys table	2024-03-20 21:49:54 +08:00
CaIon	dd71946047	fix: claude panic	2024-03-20 21:32:33 +08:00
CaIon	b736de7189	fix: claude panic	2024-03-20 21:28:45 +08:00
Calcium-Ion	5e7774cf08	Merge pull request #131 from Calcium-Ion/sensitive-words feat: 敏感词过滤	2024-03-20 20:38:15 +08:00
CaIon	a232afe9fd	feat: 统一错误提示	2024-03-20 20:36:55 +08:00
CaIon	eb6257a8d8	fix: fix SensitiveWordContains not working	2024-03-20 20:28:00 +08:00
CaIon	47b9f48544	fix: fix error	2024-03-20 20:26:34 +08:00
CaIon	2db4282666	feat: 保留功能	2024-03-20 20:15:32 +08:00
wozulong	4267de5642	fix yarn timeout Signed-off-by: wozulong <>	2024-03-20 19:14:17 +08:00
CaIon	64b9d3b58c	feat: 初步兼容生成内容检查	2024-03-20 19:00:51 +08:00
wozulong	8b55116563	update build files Signed-off-by: wozulong <>	2024-03-20 18:31:22 +08:00
CaIon	7a663d26ec	feat: 初步兼容敏感词过滤	2024-03-20 17:07:42 +08:00